URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Submission: On August 03 via manual from IN — Scanned from DE

Summary

This website contacted 46 IPs in 7 countries across 36 domains to perform 364 HTTP transactions. The main IP is 2a00:1450:4001:800::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is speakdoor.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on July 11th 2022. Valid for: 3 months.
This is the only time speakdoor.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 151.139.128.11 20446 (STACKPATH...)
27 2a00:1450:400... 15169 (GOOGLE)
6 104.75.88.126 16625 (AKAMAI-AS)
1 2a04:4e42:6f:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.47.209.169 16625 (AKAMAI-AS)
1 46.105.201.240 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.73.100.94 14618 (AMAZON-AES)
1 192.99.0.58 16276 (OVH)
4 54.154.223.183 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 35.171.122.58 14618 (AMAZON-AES)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 107.20.147.136 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::2 44788 (ASN-CRITE...)
5 2a02:2638::b 44788 (ASN-CRITE...)
2 3.208.36.4 14618 (AMAZON-AES)
2 2a02:2638::2 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
35 2a02:2638:1::3 44788 (ASN-CRITE...)
6 178.250.0.160 44788 (ASN-CRITE...)
4 2600:9000:206... 16509 (AMAZON-02)
12 178.250.2.150 44788 (ASN-CRITE...)
38 178.250.0.139 44788 (ASN-CRITE...)
1 23.111.9.35 33438 (STACKPATH)
3 2a00:1828:a01... 34240 (MANITU)
1 2405:8a00:601... 55824 (NKN-CORE-...)
7 20.192.98.160 8075 (MICROSOFT...)
1 151.101.1.91 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
33 101.53.156.127 132420 (E2E-NETWO...)
5 151.101.2.133 54113 (FASTLY)
364 46
Apex Domain
Subdomains
Transfer
85 criteo.net
static.criteo.net — Cisco Umbrella Rank: 643
csm.eu.criteo.net — Cisco Umbrella Rank: 6792
pix.eu.criteo.net — Cisco Umbrella Rank: 6594
201 KB
33 vismuseum.gov.in
www.vismuseum.gov.in
23 MB
25 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 154
blogger.googleusercontent.com — Cisco Umbrella Rank: 14427
3 MB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 126
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
295 KB
20 blogspot.com
speakdoor.blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 12732
1.bp.blogspot.com — Cisco Umbrella Rank: 9707
2.bp.blogspot.com — Cisco Umbrella Rank: 13243
916 KB
17 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10333
ads.eu.criteo.com — Cisco Umbrella Rank: 6543
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12568
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8743
245 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
170 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
459 KB
12 blogger.com
www.blogger.com — Cisco Umbrella Rank: 8124
272 KB
7 indiancancersociety.org
www.indiancancersociety.org
119 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
258 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 104
play.google.com — Cisco Umbrella Rank: 52
www.google.com — Cisco Umbrella Rank: 15
24 KB
6 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 6969
api.viglink.com — Cisco Umbrella Rank: 9500
58 KB
5 mit.edu
scratch.mit.edu — Cisco Umbrella Rank: 61067
339 KB
5 shareaholic.com
analytics.shareaholic.com — Cisco Umbrella Rank: 23058
partner.shareaholic.com — Cisco Umbrella Rank: 27985
recs.shareaholic.com — Cisco Umbrella Rank: 52479
go.shareaholic.com — Cisco Umbrella Rank: 105764
4 KB
5 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1645
m.addthis.com — Cisco Umbrella Rank: 1577
218 KB
4 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1531
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
171 KB
3 libreoffice.org
www.libreoffice.org — Cisco Umbrella Rank: 442215
354 KB
3 stackpathcdn.com
m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 24786
55 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 6709
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 160
88 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15194
s4.histats.com — Cisco Umbrella Rank: 12371
5 KB
2 shareaholic.net
cdn.shareaholic.net — Cisco Umbrella Rank: 25920
www.shareaholic.net — Cisco Umbrella Rank: 22506
6 KB
1 pexels.com
images.pexels.com — Cisco Umbrella Rank: 52746
33 KB
1 entrepreneur.com
assets.entrepreneur.com — Cisco Umbrella Rank: 130095
36 KB
1 tmc.gov.in
tmc.gov.in
6 KB
1 soft112.com
cdn.soft112.com
17 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 61
20 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 885
645 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1894
891 B
1 cuelinks.com
cdn0.cuelinks.com
2 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 455
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 262
34 KB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 625
1 KB
0 nhp.gov.in Failed
ab-hwc.nhp.gov.in Failed
364 36
Domain Requested by
38 pix.eu.criteo.net ads.eu.criteo.com
googleads.g.doubleclick.net
35 static.criteo.net ads.eu.criteo.com
33 www.vismuseum.gov.in speakdoor.blogspot.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
speakdoor.blogspot.com
14 tpc.googlesyndication.com googleads.g.doubleclick.net
14 lh3.googleusercontent.com speakdoor.blogspot.com
12 csm.eu.criteo.net ads.eu.criteo.com
12 www.blogger.com speakdoor.blogspot.com
www.blogger.com
ajax.googleapis.com
11 blogger.googleusercontent.com speakdoor.blogspot.com
9 1.bp.blogspot.com speakdoor.blogspot.com
8 pagead2.googlesyndication.com speakdoor.blogspot.com
pagead2.googlesyndication.com
www.googletagservices.com
7 www.indiancancersociety.org speakdoor.blogspot.com
7 speakdoor.blogspot.com speakdoor.blogspot.com
ajax.googleapis.com
6 cat.fr.eu.criteo.com ads.eu.criteo.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
www.google.com
www.gstatic.com
6 www.googletagservices.com googleads.g.doubleclick.net
6 fonts.gstatic.com speakdoor.blogspot.com
www.google.com
5 scratch.mit.edu speakdoor.blogspot.com
5 ads.eu.criteo.com googleads.g.doubleclick.net
4 secure-gl.imrworldwide.com ads.eu.criteo.com
4 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
speakdoor.blogspot.com
4 api.viglink.com cdn.viglink.com
speakdoor.blogspot.com
4 s7.addthis.com speakdoor.blogspot.com
s7.addthis.com
4 cdnjs.cloudflare.com speakdoor.blogspot.com
cdnjs.cloudflare.com
3 www.libreoffice.org speakdoor.blogspot.com
3 www.google.com www.blogger.com
www.gstatic.com
www.google.com
3 m9m6e2w5.stackpathcdn.com cdn.shareaholic.net
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 recs.shareaholic.com m9m6e2w5.stackpathcdn.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 connect.facebook.net speakdoor.blogspot.com
connect.facebook.net
2 cdn.viglink.com speakdoor.blogspot.com
m9m6e2w5.stackpathcdn.com
2 2.bp.blogspot.com speakdoor.blogspot.com
2 4.bp.blogspot.com speakdoor.blogspot.com
1 images.pexels.com speakdoor.blogspot.com
1 assets.entrepreneur.com speakdoor.blogspot.com
1 tmc.gov.in speakdoor.blogspot.com
1 go.shareaholic.com m9m6e2w5.stackpathcdn.com
1 cdn.soft112.com speakdoor.blogspot.com
1 play.google.com www.blogger.com
1 partner.shareaholic.com m9m6e2w5.stackpathcdn.com
1 www.google-analytics.com speakdoor.blogspot.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 analytics.shareaholic.com m9m6e2w5.stackpathcdn.com
1 s4.histats.com s10.histats.com
1 www.shareaholic.net cdn.shareaholic.net
1 cdn0.cuelinks.com speakdoor.blogspot.com
1 s10.histats.com speakdoor.blogspot.com
1 z.moatads.com s7.addthis.com
1 ajax.googleapis.com speakdoor.blogspot.com
1 pbs.twimg.com speakdoor.blogspot.com
1 cdn.shareaholic.net speakdoor.blogspot.com
0 ab-hwc.nhp.gov.in Failed speakdoor.blogspot.com
364 56
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.blogger.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
cdn.shareaholic.net
R3
2022-07-10 -
2022-10-08
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-21 -
2023-08-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-04 -
2023-05-31
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
histats.com
R3
2022-07-11 -
2022-10-09
3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2022-06-01 -
2022-12-08
6 months crt.sh
*.shareaholic.net
R3
2022-07-23 -
2022-10-21
3 months crt.sh
viglink.com
Amazon
2021-11-13 -
2022-12-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-12 -
2022-08-10
3 months crt.sh
shareaholic.com
Amazon
2022-06-01 -
2023-06-29
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.de
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.shareaholic.com
R3
2022-07-19 -
2022-10-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-02 -
2022-11-01
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-03 -
2022-11-05
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-07-22 -
2022-10-19
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-12 -
2022-09-12
3 months crt.sh
soft112.com
R3
2022-06-19 -
2022-09-17
3 months crt.sh
libreoffice.org
R3
2022-07-03 -
2022-10-01
3 months crt.sh
*.tmc.gov.in
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2022-03-09 -
2023-04-09
a year crt.sh
www.indiancancersociety.org
AlphaSSL CA - SHA256 - G2
2022-06-09 -
2023-07-11
a year crt.sh
*.entrepreneur.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-01-23 -
2023-02-24
a year crt.sh
vismuseum.gov.in
cPanel, Inc. Certification Authority
2022-07-20 -
2022-10-18
3 months crt.sh
*.scratch.mit.edu
Sectigo RSA Domain Validation Secure Server CA
2021-10-07 -
2022-10-11
a year crt.sh

This page contains 21 frames:

Primary Page: https://speakdoor.blogspot.com/2021/05/mypaint.html
Frame ID: 744CB4A2F1787980BCA3DB69C3D84FA2
Requests: 197 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/zrt_lookup.html
Frame ID: BD4256D8DD53970D44EC6D41050FFAA6
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
Frame ID: 370B8EC53128E162A2E1998563DD7B82
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0646911F4C8EBB26070A14B5E753CF23
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6030ED5C08A1C9ADAD5123D27C500012
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
Frame ID: B2D4D3C1B3D770F5B532574F346B3B0B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&adk=1812271804&adf=3025194257&lmt=1659493775&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531392&bpp=4&bdt=270&idt=287&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2793839140486&frm=20&pv=2&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: 7038CFCCACD438CCAD4B1D82A87E5FC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Frame ID: 0822EB8CC61DA02A3E15E8CFE72C64EA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Frame ID: 3D5E23A2ECE5140245660ADB3CA4A2FF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Frame ID: D98386A2FA1A6E175E8B5E2233927B75
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Frame ID: AB084631846E8E84EA3157B3EFD91046
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Frame ID: 3587C51D07C1C9889D15720761741010
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Frame ID: 210EA4816A388B2F73D67A88262F6A29
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Frame ID: DE5B4AAC430D99D1400DC38B1E589006
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Frame ID: D3B447277D0239D46F916CBDBD7DEE93
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClgSOa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE6QFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zgQQFat7h_gjN5DoTFHOjx_Z4FRFvTupYInV2AjoZaULmF7aemXSYAGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjg0NTEwMjY5MTU4ODkyGAA&sigh=Y9sijWT-zuU&uach_m=[UACH]&cid=CAQSGwCsnQUxEJ8U89zQasSFFBUpm5EP-OWSFi9MDRgB
Frame ID: D501178BBA17F320C616CE6BA7EA7704
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Frame ID: EE39F9953D377365BCDA1D869BF11CE2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2DEE95DA477B7D4851002F0BE1F9760
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Frame ID: 1F12B91F513EFCBFEBF65D3088F7164E
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Frame ID: 72233D8BA73DF752DC486912AC549495
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: 01F492A62C7923D4EDD93ABC1F1FCDFB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

MyPaintPinterestFacebookEmailCopy LinkFacebookTwitterPrintEmailPinterest

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com


Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

364
Requests

87 %
HTTPS

58 %
IPv6

36
Domains

56
Subdomains

46
IPs

7
Countries

31746 kB
Transfer

37598 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

364 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request mypaint.html
speakdoor.blogspot.com/2021/05/
425 KB
66 KB
Document
General
Full URL
https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
65b9adfa57197d0ace575ed09ccd04e10008227bf2f192f5f245152d5312ed53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
67132
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 02:58:51 GMT
etag
W/"5a67cd3ef887f663e7a27cb26541c26e82eb5def5a536ead8369e4af55d7abd9"
expires
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
169 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2284510269158892
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53e619915ed5b611160b88380ea4f9cd992ad13b6ce17c3817f88183eb58cf35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57344
x-xss-protection
0
server
cafe
etag
1176740721581111152
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 02:58:51 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/
54 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
379699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9802
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-d78f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1hFhMRE2V10pNh6PGmh2SMSG7AkVEJ8cokmsLHgRVO4t8b6VF4IEsgbPzBaqMHqGf3hzcJZUjplq8E8vSKKihNtGx2wffRnm1YCDh8rNmWxoNiqEoQhip%2BBh%2B%2BC4y%2BlZmJ6emW75mspduVvDQUpcHML"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
734bcb3dbfee9bb8-FRA
expires
Mon, 24 Jul 2023 02:58:51 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8022190083811535766&zx=a4aa2133-da9f-4b29-a7d8-c94ff3010a72
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:58:51 GMT
server
GSE
date
Wed, 03 Aug 2022 02:58:51 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
ANbyha22r56zPkYzBPpSdXwbw9dBuVMJCe-zTCFgMBlIn5jUT6N-hD4t1rMv2ly1HbGSLsc9mPpj106AIrSVCtoNuWTIwwlaroqEwWH_xe8UkWmz5W2gaihEwCNJ81WKvDR3p82jiCks-g
lh3.googleusercontent.com/blogger_img_proxy/
964 B
1 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha22r56zPkYzBPpSdXwbw9dBuVMJCe-zTCFgMBlIn5jUT6N-hD4t1rMv2ly1HbGSLsc9mPpj106AIrSVCtoNuWTIwwlaroqEwWH_xe8UkWmz5W2gaihEwCNJ81WKvDR3p82jiCks-g
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4eb8d36e8cf815a9337b2e41642e4f7e04540b7d7525bec13ac9b9c621e80c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
964
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mypaint.html
speakdoor.blogspot.com/2021/05/
27 KB
27 KB
Image
General
Full URL
https://speakdoor.blogspot.com/2021/05/mypaint.html
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
GSE
etag
W/"5a67cd3ef887f663e7a27cb26541c26e82eb5def5a536ead8369e4af55d7abd9"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67132
x-xss-protection
1; mode=block
expires
Wed, 03 Aug 2022 02:58:51 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
376345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74328
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12258"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTDCiJwg6DCJ0eSisEmLdiqXXqxsR7Pn%2FwIaioDn9IfZjeoJes%2FFedS0upb7aZ3QeGZxAJR5eev2h6NQCULhIGC%2Ba56rGxcwEqv65y7dQgW%2FLkv1HsZENmvwE%2BD0pLVBBWem9wxw9KEye1qyHrofwuEV"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
734bcb3e68bf9968-FRA
expires
Mon, 24 Jul 2023 02:58:51 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 18:16:37 GMT
x-content-type-options
nosniff
age
117734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21244
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Aug 2023 18:16:37 GMT
va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
fonts.gstatic.com/s/firasans/v10/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f34d90cb970c712d57f802cb4fd4fdcf3ba9a247a359b1c255f2b503b30766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:09:17 GMT
x-content-type-options
nosniff
age
100174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22100
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:22:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:09:17 GMT
ANbyha04XuE3R3fYTtpFsth553Y2Jy9GEj0-N1d2GEi1gArMN1ZxKev2Gs4BO6SK1i3l_PY6_ZSvucfYZfdckP3EnSrE4o-_IsNbi1e6jllgj13g9DfyBwh6O19ryOX5SAL1jwnF8PA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
99 KB
100 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha04XuE3R3fYTtpFsth553Y2Jy9GEj0-N1d2GEi1gArMN1ZxKev2Gs4BO6SK1i3l_PY6_ZSvucfYZfdckP3EnSrE4o-_IsNbi1e6jllgj13g9DfyBwh6O19ryOX5SAL1jwnF8PA=s0-d
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
622763fd5e9148c1e40b0ae71618ac93c2b539ba5fb8faeab1ee4863309a7cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101849
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:51 GMT
shareaholic.js
cdn.shareaholic.net/assets/pub/
10 KB
5 KB
Script
General
Full URL
https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 20:54:56 GMT
server
nginx
x-amz-request-id
NFB7ZCJPM44TS91J
etag
"879749224dc6aafa8a42879dc68cad9f"
x-hw
1659495531.cds111.am5.hn,1659495531.cds263.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1200, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
4284
x-amz-id-2
4kvex6lrJkM+aTytWOfNT6Je6KYJg6J9UBEKwNzws5hP/smfGZxA4FmE5YFbb3tZ14M4E/MO4Go=
avatar.png
4.bp.blogspot.com/-uCjYgVFIh70/VuOLn-mL7PI/AAAAAAAADUs/Kcu9wJbv790hIo83rI_s7lLW3zkLY01EA/s100/
4 KB
5 KB
Image
General
Full URL
https://4.bp.blogspot.com/-uCjYgVFIh70/VuOLn-mL7PI/AAAAAAAADUs/Kcu9wJbv790hIo83rI_s7lLW3zkLY01EA/s100/avatar.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a68cace09422fdece37206780f5d02f7af5d262f3d882504aea3a6b16b66ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 01:57:56 GMT
x-content-type-options
nosniff
age
3655
content-disposition
inline;filename="avatar.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4411
x-xss-protection
0
server
fife
etag
"vd4c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 13:24:55 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 17:19:33 GMT
x-content-type-options
nosniff
age
34758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21304
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 17:19:33 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 08:46:19 GMT
x-content-type-options
nosniff
age
65552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22336
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:22:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 08:46:19 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
73 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5997334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74656
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-123a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fon4m%2B2mS8alETHbiwUpb7CG%2BU7a4qRdQ4DzFKEX%2BX%2FzPdKWi3yrknBYU0b40i4hcKm8RDkceeNGvbqSp%2Fo4yMKAfW%2FRMNMTPkYyfwZw81aviPnkqPO8SDmaoKMLcL6dSmE%2BI9OeZdXMMQH44cggJNTP"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
734bcb3e78d69968-FRA
expires
Mon, 24 Jul 2023 02:58:51 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1142865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13584
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-3510"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F6BNrAyILN27bpgPMHF2uHo1qeGD1t0cKq%2FGI%2FaFX%2BvgJCvYZknzsa309T8ckf4Dnn4mAdIHuEjL02HiCysiXfPoqoimjYVm72WSq9wFbLw5tkn3d6ch1GZ93ieR1IhDejsB4WucjItNlTbVktnAxSj"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
734bcb3e78d79968-FRA
expires
Mon, 24 Jul 2023 02:58:51 GMT
3262169375-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/
17 KB
7 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6499
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 17:54:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 27 Jul 2023 18:47:34 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 03 Aug 2022 02:58:51 GMT
x-host
s7.addthis.com
content-length
116423
thumbs.php.jpg
1.bp.blogspot.com/-pBBDqC4Po2I/X0FYsYKFsFI/AAAAAAAARMw/AKwOnSa1x2gq5S1RHSXxqUebocK0fQzoACLcBGAsYHQ/w72-h72-p-k-no-nu/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-pBBDqC4Po2I/X0FYsYKFsFI/AAAAAAAARMw/AKwOnSa1x2gq5S1RHSXxqUebocK0fQzoACLcBGAsYHQ/w72-h72-p-k-no-nu/thumbs.php.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1a3a1fe85d2444a49a47761a34e95c126b5d82daa1a11dc4cb17bae30ce5e995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:43:37 GMT
x-content-type-options
nosniff
age
914
content-disposition
inline;filename="thumbs.php.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4679
x-xss-protection
0
server
fife
etag
"v44cd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:43:37 GMT
ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoA...
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoAO6Z1R56=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

ANbyha2vPrMeS21WBCxLB2TvfTGch38-3Al4DwI-bSp2qbKI1gKBc9W9nFfdYdIGMG79rQiGnBod_iNxsoDs_9FWMuvWH4jyDgxrMKxAZ6M3ZW3omKq3sLtNXCCdHIUgqhtazQ4n5Se4MBnKcaJoGzeFekrhdLQHRt1-p7kSTwYRuBKK4FLk91LsbVCzjCaxAW2WH...
lh3.googleusercontent.com/blogger_img_proxy/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2vPrMeS21WBCxLB2TvfTGch38-3Al4DwI-bSp2qbKI1gKBc9W9nFfdYdIGMG79rQiGnBod_iNxsoDs_9FWMuvWH4jyDgxrMKxAZ6M3ZW3omKq3sLtNXCCdHIUgqhtazQ4n5Se4MBnKcaJoGzeFekrhdLQHRt1-p7kSTwYRuBKK4FLk91LsbVCzjCaxAW2WHSWR=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
71df315dcc2246dd411ac9e3198e8e0717ab889bc13c690b66b7d8b50b95ef9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2632
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ANbyha1rx6s9CvRJXm2FgJ7GAQjNGmCH5fYCcwv18Yt6g3JTLiWdHfpxxk69bk0FJMO5TfcOX6sw9qymIzia5qBV4_c9crBrnZH_KCu_iZTRpMRYuH__3e5HYt1KZ6gGJGmdxHFGiEscVY-zBv0CkrTg19T-gMBPcLrn9UMzmeY=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/
11 KB
11 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1rx6s9CvRJXm2FgJ7GAQjNGmCH5fYCcwv18Yt6g3JTLiWdHfpxxk69bk0FJMO5TfcOX6sw9qymIzia5qBV4_c9crBrnZH_KCu_iZTRpMRYuH__3e5HYt1KZ6gGJGmdxHFGiEscVY-zBv0CkrTg19T-gMBPcLrn9UMzmeY=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1bfadef87734f2dca7f2e6fca45fee23b2113ccae2fd0de80850484055fb7647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:50:13 GMT
x-content-type-options
nosniff
server
fife
age
518
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10858
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:50:13 GMT
%25E0%25A4%25AE%25E0%25A4%25A7%25E0%25A5%2581%25E0%25A4%25AE%25E0%25A5%2587%25E0%25A4%25B9%2B%25E0%25A4%2595%25E0%25A4%25BE%2B%25E0%25A4%2585%25E0%25A4%259A%25E0%25A5%2582%25E0%25A4%2595%2B%25E0%25...
1.bp.blogspot.com/-FTIycfD3Jzo/WVYGfkcnQFI/AAAAAAAAFmA/g41C_ND8tsYTwt-uu10wyE7MCGukzw5JQCLcBGAs/w72-h72-p-k-no-nu/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-FTIycfD3Jzo/WVYGfkcnQFI/AAAAAAAAFmA/g41C_ND8tsYTwt-uu10wyE7MCGukzw5JQCLcBGAs/w72-h72-p-k-no-nu/%25E0%25A4%25AE%25E0%25A4%25A7%25E0%25A5%2581%25E0%25A4%25AE%25E0%25A5%2587%25E0%25A4%25B9%2B%25E0%25A4%2595%25E0%25A4%25BE%2B%25E0%25A4%2585%25E0%25A4%259A%25E0%25A5%2582%25E0%25A4%2595%2B%25E0%25A4%2594%25E0%25A4%25B0%2B%25E0%25A4%25B8%25E0%25A4%25AB%25E0%25A4%25B2%2B%25E0%25A4%2589%25E0%25A4%25AA%25E0%25A4%259A%25E0%25A4%25BE%25E0%25A4%25B0%2B%25E0%25A4%2595%25E0%25A5%258D%25E0%25A4%25AF%25E0%25A4%25BE%2B%25E0%25A4%25B9%25E0%25A5%2588.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7e7d255192a1412b92862071022468a10917dd6c99e51d30613cbc8262fda29d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:53:08 GMT
x-content-type-options
nosniff
age
343
content-disposition
inline;filename="______ __ ____ __ ___ _____ ____ __.jpg";filename*=UTF-8''%E0%A4%AE%E0%A4%A7%E0%A5%81%E0%A4%AE%E0%A5%87%E0%A4%B9%20%E0%A4%95%E0%A4%BE%20%E0%A4%85%E0%A4%9A%E0%A5%82%E0%A4%95%20%E0%A4%94%E0%A4%B0%20%E0%A4%B8%E0%A4%AB%E0%A4%B2%20%E0%A4%89%E0%A4%AA%E0%A4%9A%E0%A4%BE%E0%A4%B0%20%E0%A4%95%E0%A5%8D%E0%A4%AF%E0%A4%BE%20%E0%A4%B9%E0%A5%88.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2701
x-xss-protection
0
server
fife
etag
"v1661"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:53:08 GMT
ANbyha17Uc0Id_G8fm7FxMNxWfrmtvu8_BK1ulGZTE8FAg2UGL4LChHfLAMvSbnIFNBvrR5BaLnoQxwTusRzZseRmYRxFeafu9KWe_Iw_rxyKg9XfAIKuLtkKZ9-a2VPGdkGm54-sn9hyLYIAqj35GRHdUrt3UhwMOHtesNfhmeoX02-ou-uGL7DWbGM5_zxNQgC=...
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha17Uc0Id_G8fm7FxMNxWfrmtvu8_BK1ulGZTE8FAg2UGL4LChHfLAMvSbnIFNBvrR5BaLnoQxwTusRzZseRmYRxFeafu9KWe_Iw_rxyKg9XfAIKuLtkKZ9-a2VPGdkGm54-sn9hyLYIAqj35GRHdUrt3UhwMOHtesNfhmeoX02-ou-uGL7DWbGM5_zxNQgC=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

622119239-medical-procedure-surgery-doctor%2527s-office-medical-examination-medicine-breathing-789647.jpg
2.bp.blogspot.com/-o0wL8hfk_WQ/WT7M0QvAXCI/AAAAAAAAAYk/-kEUdqZ8OwU0RxSc0c15SkWjQJ90y-5JwCK4B/w72-h72-p-k-no-nu/
3 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-o0wL8hfk_WQ/WT7M0QvAXCI/AAAAAAAAAYk/-kEUdqZ8OwU0RxSc0c15SkWjQJ90y-5JwCK4B/w72-h72-p-k-no-nu/622119239-medical-procedure-surgery-doctor%2527s-office-medical-examination-medicine-breathing-789647.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d8d5f139f97f7e9ceb21cb9b4e685f7cc1e0ea7a0ab64c0704ff012fe6a71930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:55:04 GMT
x-content-type-options
nosniff
age
227
content-disposition
inline;filename="622119239-medical-procedure-surgery-doctor's-office-medical-examination-medicine-breathing-789647.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2959
x-xss-protection
0
server
fife
etag
"v18a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:55:04 GMT
ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

nth.png
4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/
4 KB
4 KB
Image
General
Full URL
https://4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:15:39 GMT
x-content-type-options
nosniff
age
2592
content-disposition
inline;filename="nth.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3725
x-xss-protection
0
server
fife
etag
"v76c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Nov 2021 08:01:26 GMT
dentist-smiling-patient.jpg
1.bp.blogspot.com/-_2zynMeHh1g/WT60wlhQ0WI/AAAAAAAALoU/UfhycVqsEUodrQJ0igRCJyAQSBIzlh5igCLcB/w72-h72-p-k-no-nu/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-_2zynMeHh1g/WT60wlhQ0WI/AAAAAAAALoU/UfhycVqsEUodrQJ0igRCJyAQSBIzlh5igCLcB/w72-h72-p-k-no-nu/dentist-smiling-patient.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c7a01833f8e2f655cd4aa0243c19e6becc6e490cce37994ec738ab5af58777ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:44:41 GMT
x-content-type-options
nosniff
age
850
content-disposition
inline;filename="dentist-smiling-patient.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3991
x-xss-protection
0
server
fife
etag
"v2e86"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:44:41 GMT
FY_65KBakAIeACl
pbs.twimg.com/media/
1 KB
1 KB
Image
General
Full URL
https://pbs.twimg.com/media/FY_65KBakAIeACl?format=png&name=240x240
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
307a964bc6b653fe6cc1fff5962b2afeae59ad718897317da12447ec37148e2d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 31 Jul 2022 13:34:05 GMT
date
Wed, 03 Aug 2022 02:58:51 GMT
x-tw-cdn
FT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
1175
x-served-by
cache-lhr7351-LHR, cache-muc13968-MUC, cache-tw-ZZZ1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 22:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 22:38:33 GMT
main.js
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/
148 KB
41 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 20:54:53 GMT
server
nginx
x-amz-request-id
NFB49KNGRGY1YFX2
etag
"88fa1ed2ddaaae4bf29d6c2a0672314d"
x-hw
1659495531.cds299.am5.hn,1659495531.cds316.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
41836
x-amz-id-2
HePZJCSNFUOhrCXRPUbrxu5S1nhbgH3/YLE4IrdrYwEBjmZFAYqLDzXrMDSe198oV2+ZRwpicaU=
cookienotice.js
speakdoor.blogspot.com/js/
6 KB
6 KB
Script
General
Full URL
https://speakdoor.blogspot.com/js/cookienotice.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 18:53:45 GMT
x-content-type-options
nosniff
age
115506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6513
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 18:12:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 08 Aug 2022 18:53:45 GMT
2211061526-widgets.js
www.blogger.com/static/v1/widgets/
159 KB
58 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2211061526-widgets.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ada6cbc8b51401f6ce47c24714981ee4c13a35f92460e8bcd2bb026df6ebde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 01:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58891
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 06:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 03 Aug 2023 01:16:08 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/
342 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2284510269158892
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d3e85aa95dbdf5729e777496f70db6ef3d8e7d896b1fd418a6fee0b30336a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123535
x-xss-protection
0
server
cafe
etag
93667020872293308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 02:58:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/ Frame BD42
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2284510269158892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Aug 2022 23:05:06 GMT
etag
8616628553774171045
expires
Tue, 16 Aug 2022 23:05:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8022190083811535766
www.blogger.com/comment/frame/ Frame 370B
0
0

moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43529
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:52:35 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
148670064
cuelinksv1.js
cdn0.cuelinks.com/js/
5 KB
2 KB
Script
General
Full URL
https://cdn0.cuelinks.com/js/cuelinksv1.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:231e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa013fc80a89a4fd73a31e0ba4f4bb0430880709dc29b554caee68222f18399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Jul 2019 21:18:16 GMT
server
cloudflare
etag
W/"e5088f4665a477854410cd45e1b95a62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5jdp2pMq%2FvPJ42HoTbjdylSHc9ZF2vBYoUHQsnSOoAFXENYACCw48uREtDet4eXXZz18X4X2gIrucFgbmXwf5FHrKBOUDTfmeqMZ%2FXgbf%2BlY0704tAuaHCL5tTarT8gEjL8V6fXuXjnLDGhZRyndA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
FRA60-P2
cf-ray
734bcb3febee9bee-FRA
x-amz-cf-id
tMnTkv0Tck125mXCB99mqpb3lLrmaKiLnv0hRzhWwMUIxsFcwjtd4A==
vglnk.js
cdn.viglink.com/api/
81 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1334486
cf-ray
734bcb3fec9c9196-FRA
content-length
28567
x-amz-id-2
ML7jYK3BxGj/JlwxYFocqq50fHVEbr3Hj8dv8lJVemjO+aFbcE49XVyTuQwCPc7T6FiRz1Q/2hg=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
096RS0EE98N86N58
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 10 Aug 2022 02:58:51 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8022190083811535766&zx=a4aa2133-da9f-4b29-a7d8-c94ff3010a72
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:58:51 GMT
server
GSE
date
Wed, 03 Aug 2022 02:58:51 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
d312364965eb6e7a11c0be2441762d17.json
www.shareaholic.net/config/
3 KB
2 KB
XHR
General
Full URL
https://www.shareaholic.net/config/d312364965eb6e7a11c0be2441762d17.json
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-100-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
002123d897452aa127f3e88e7529a9b03fae8aa95cfb5a01f537db9619f858ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-client-geo-country
DE,Deutschland
date
Wed, 03 Aug 2022 00:44:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
content-length
925
server
nginx
x-client-geo-region
HE,Hessen
x-client-geo-metrocode
etag
W/"002123d897452aa127f3e88e7529a9b0"
access-control-max-age
2000
x-client-geo-city
Frankfurt am Main
x-varnish
96767965 95067129
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
60326
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
50.104900,8.629500
0.php
s4.histats.com/stats/
95 B
229 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4131786&@f16&@g1&@h1&@i1&@j1659495531549&@k0&@l1&@mMyPaint&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:179280119&@b3:1659495532&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
75918ebeb9caa44ae131405d51ebdebffb4f2e729daf02ca992e60432d505524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:51 GMT
Connection
close
Content-Length
95
Content-Type
text/html;charset=UTF-8
ping
api.viglink.com/api/
410 B
865 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.223.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-223-183.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
376f60790a82b805974739e2243d6518721c0200c24471e47d65fe755fbab6fd

Request headers

Referer
https://speakdoor.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 02:58:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://speakdoor.blogspot.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
410
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1402de6546f43fecb9df964454fe9d79d87ca54b93713c71f511d1a51eebac38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IEoAG4DKHOBG3K8tE4fdzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
m2MrWSv5NaNp9pDqJYpfqL0v3DekpDokf80FBoxR55dCFjdXAkqhcAUCoc9ydIkKckIxFSTQoukIZ3APBVMe7Q==
x-fb-trip-id
720026100
x-fb-content-md5
6a152fa2cd14d32e722393154d5f9b0e
x-frame-options
DENY
date
Wed, 03 Aug 2022 02:58:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1dc239ea8771281387d94f6dc16f94ca"
timing-allow-origin
*
expires
Wed, 03 Aug 2022 03:12:04 GMT
e
analytics.shareaholic.com/
43 B
384 B
Ping
General
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.122.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-122-58.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
https://speakdoor.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
https://speakdoor.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/gunjankumarverma/
2 KB
891 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/gunjankumarverma/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
17ae181511ff74f23ecbb12af7cd591e8313ccb6edf63213bec2744a548e3a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
etag
1759170557--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=42, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
715
300lo.json
m.addthis.com/live/red_lojson/
91 B
251 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=62e9e46b5af3fc59&bkl=0&bl=1&pdt=735&sid=62e9e46b5af3fc59&pub=gunjankumarverma&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=speakdoor.blogspot.com&fp=2021%2F05%2Fmypaint.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1659495531626&jsl=1&uvs=62e9e46be35a5cc9000&skipb=1&callback=addthis.cbs.jsonp__0277667253597464470
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b2ca959b234d69f91e182be13da3a8e4d9fb47514ba3dd490c8061687805ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
91
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0646
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 6030
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Wed, 03 Aug 2022 02:58:51 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
what-is-libreoffice.html
speakdoor.blogspot.com/2021/05/
429 KB
67 KB
XHR
General
Full URL
https://speakdoor.blogspot.com/2021/05/what-is-libreoffice.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8d8a11589e97b835e0aefafbfa4c6336f982e138ffb67968034d7fe03c5da72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
GSE
etag
W/"5a67cd3ef887f663e7a27cb26541c26e82eb5def5a536ead8369e4af55d7abd9"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68108
x-xss-protection
1; mode=block
expires
Wed, 03 Aug 2022 02:58:52 GMT
with-scratch-you-can-program-your-own.html
speakdoor.blogspot.com/2021/05/
430 KB
66 KB
XHR
General
Full URL
https://speakdoor.blogspot.com/2021/05/with-scratch-you-can-program-your-own.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f0127ae6568d5203a03d96a6e5c1375c49114dcd590506eaf510f3c55e87ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
GSE
etag
W/"5a67cd3ef887f663e7a27cb26541c26e82eb5def5a536ead8369e4af55d7abd9"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67671
x-xss-protection
1; mode=block
expires
Wed, 03 Aug 2022 02:58:52 GMT
8022190083811535766
www.blogger.com/comment/frame/ Frame B2D4
70 KB
18 KB
Document
General
Full URL
https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30f952c8f65312b34a19736eb0da1c8ee7b4774f5df5786d2f822989267a7b9d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-hV1QFPZ6Q2S8vMXelvFj5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'nonce-hV1QFPZ6Q2S8vMXelvFj5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-hV1QFPZ6Q2S8vMXelvFj5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'nonce-hV1QFPZ6Q2S8vMXelvFj5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
default
speakdoor.blogspot.com/feeds/posts/
899 KB
157 KB
XHR
General
Full URL
https://speakdoor.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=10&callback=jQuery112403947256310584799_1659495531584&_=1659495531585
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
cad95c8b81dcc30d1bc32c7e29978f63efc76c7ed99da7594794e10facc31eff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
blogger-renderd
etag
W/"b3746ca3ada15190f3cc04759f2ad3ae6b4dde2b3157708d913be90664a0219e"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
160251
x-xss-protection
0
expires
Wed, 03 Aug 2022 02:58:53 GMT
Computer
speakdoor.blogspot.com/feeds/posts/default/-/
64 KB
19 KB
XHR
General
Full URL
https://speakdoor.blogspot.com/feeds/posts/default/-/Computer?alt=json-in-script&max-results=3&callback=jQuery112403947256310584799_1659495531586&_=1659495531587
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
73c152db974db6a54befb152227706bdde865095dfb7fb1cef4f3b14b218ac06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://speakdoor.blogspot.com/2021/05/mypaint.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 02:29:35 GMT
server
blogger-renderd
etag
W/"22ea0f9b9abc77925904418f22762fc759ee51ddd2962897a962493655737f17"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
19005
x-xss-protection
0
expires
Wed, 03 Aug 2022 02:58:53 GMT
thumbs.php.jpg
1.bp.blogspot.com/-pBBDqC4Po2I/X0FYsYKFsFI/AAAAAAAARMw/AKwOnSa1x2gq5S1RHSXxqUebocK0fQzoACLcBGAsYHQ/w75-h60-p-k-no-nu/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-pBBDqC4Po2I/X0FYsYKFsFI/AAAAAAAARMw/AKwOnSa1x2gq5S1RHSXxqUebocK0fQzoACLcBGAsYHQ/w75-h60-p-k-no-nu/thumbs.php.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
26cbc34b60320d9ed93095bcba5f6d7d5fdef6fa622eb95e1a4733e388620a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:43:39 GMT
x-content-type-options
nosniff
age
912
content-disposition
inline;filename="thumbs.php.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4318
x-xss-protection
0
server
fife
etag
"v44cd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:43:39 GMT
ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoA...
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoAO6Z1R56=w75-h60-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cookie.js
partner.googleadservices.com/gampad/
216 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=speakdoor.blogspot.com&callback=_gfp_s_&client=ca-pub-2284510269158892
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5a5a1218761c898afd6653b7f582d10440f3db1acf76474629076e8f3563d4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=speakdoor.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=speakdoor.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7038
50 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&adk=1812271804&adf=3025194257&lmt=1659493775&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531392&bpp=4&bdt=270&idt=287&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2793839140486&frm=20&pv=2&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7361c06eb56be2d9dabeed83e8daafaa4fd18ee226fe43f4dae507161ffd6751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 03 Aug 2022 02:58:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
sync.js
api.viglink.com/api/
43 B
390 B
Script
General
Full URL
https://api.viglink.com/api/sync.js?key=d41145dd420ce89217c1f5f5763b23f0
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.223.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-223-183.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 02:58:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/
43 B
390 B
Image
General
Full URL
https://api.viglink.com/api/sync.gif?key=d41145dd420ce89217c1f5f5763b23f0
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.223.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-223-183.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 02:58:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0822
25 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aefa99336f3bf14e3cea83dcc4c5b32461a5e248333f7dafb634eb25bf16a95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10719
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1fd1f4273fe97ba5186af0d63f848164
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
510f9663fe6f69cbde6f7a6ea2bc12b88a365dee2fa897091e81f907fb880c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://speakdoor.blogspot.com/
Origin
https://speakdoor.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DhS2UPVoLgAw7ZV4bk4KDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87843
x-fb-rlafr
0
x-fb-debug
6VcCfnN89NADEsYrD7NAemsdZKD0xGbcm40pZKXQSTYNRZuMl2TAKzldmuEWY2z6qD54lu4q6lIHMDDKNMG3yQ==
x-fb-content-md5
fd1b7ca379c6351f2efe0fc020b8b75e
x-frame-options
DENY
date
Wed, 03 Aug 2022 02:58:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"aa2c742a05dfd9096268c695b50b3fcd"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 03 Aug 2023 02:44:50 GMT
cspreport
www.blogger.com/_/BloggerCommentUi/ Frame B2D4
0
27 B
Other
General
Full URL
https://www.blogger.com/_/BloggerCommentUi/cspreport
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-NEVaWYDamPlyyaWSLIcNMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'nonce-NEVaWYDamPlyyaWSLIcNMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="BloggerCommentUi"
x-frame-options
SAMEORIGIN
report-to
{"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-NEVaWYDamPlyyaWSLIcNMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'nonce-NEVaWYDamPlyyaWSLIcNMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
domains
api.viglink.com/api/
58 B
512 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.223.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-223-183.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
c1fa96d44ae34a667340961fe3ca599dd2a64beb963edc550f7c04c56dd88198

Request headers

Referer
https://speakdoor.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 02:58:50 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://speakdoor.blogspot.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3D5E
25 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84d4a0c5427d346b2ceb12588dfb9a16bb523f3362c7e5ed08772705237020c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10695
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
m=_b,_tp,_r
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/ Frame B2D4
172 KB
60 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d864850ee427736c6d330964c250a508f8b6d3d766a05b815e1af2e17b66c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 03:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61850
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 04:14:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 03:13:17 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D983
25 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f7bc9396245531479db6df2e50f241182925d5168d232561861eaa94c687396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10668
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB08
81 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
357ae23995168f39c444d8432ecc26483a55b1d6649038a45d00b4e5d5f16087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22956
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3587
31 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86b47d7617dd5c529595041389e833bf7c381ff38ccca48c76aa47b979837742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11451
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
151.67aec2e0546e639563bb.js
s7.addthis.com/static/
2 KB
1 KB
Script
General
Full URL
https://s7.addthis.com/static/151.67aec2e0546e639563bb.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-68f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 03 Aug 2022 02:58:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
815
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7011
date
Wed, 03 Aug 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 03 Aug 2022 03:02:00 GMT
recommendations.js
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/
92 KB
13 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/recommendations.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 20:54:53 GMT
server
nginx
x-amz-request-id
NFB5P478EE68WWD6
etag
"bd2f6bef184f7e22b7efe36558d084d4"
x-hw
1659495531.cds299.am5.hn,1659495531.cds003.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
12624
x-amz-id-2
JCacSqMWtEoyGMrlmSMHg4gyvqgMP2tl7M1aQ5X/zaY+t7TBSm78VLRlW8JM+3tlE/H78MzyZNc=
affiliatelinks.js
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/
997 B
796 B
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/affiliatelinks.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 20:54:53 GMT
server
nginx
x-amz-request-id
NFB7G1TKJQB2PT3W
etag
"99e5164c1e3f1deebc20ff6fd1e5eae7"
x-hw
1659495531.cds299.am5.hn,1659495531.cds230.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
591
x-amz-id-2
Afu+bPwK18TPOnqMAi3s+YDUmdHnVqo7ECuiQO8VxItReoV4DoSomCY9LBVpP/CY67YbmL8CYsw=
partners.js
partner.shareaholic.com/
0
265 B
Script
General
Full URL
https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&id_sync=3c8b4bf7-29ae-4031-aa93-969a84c74e19&minify=1&pvs=1&site=d312364965eb6e7a11c0be2441762d17
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-147-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
vary
Accept-Encoding, User-Agent
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=utf-8
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77002f317af306cd1836fd40f9948c441dec62997fa2733262a6ea68ff0b3f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame 0822
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0822
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame 0822
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0822
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwP4za-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE6QFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF31fxOpHt8FtR_I0q5qPnD0bqM-Hlwi9KzAv_sC4I7hhQrQ0yPVpIAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjg0NTEwMjY5MTU4ODkyGAA&sigh=q1xnlaMHX3I&uach_m=[UACH]&cid=CAQSGwCsnQUxxyou-MnCQLSJWkBCGldXbSfEGuWn1xgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 03 Aug 2022 02:58:51 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 0822
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RMoHmAKdg2ICAgAAAF8HqR4db0N0EGrk6WJUjzWmjZL4p9oZ8gASAAA&wp=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
server-processing-duration-in-ticks
371450
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 210E
207 KB
59 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b71c6b3347e7804291084cc452443506f307553c22934ce1c36122a78a29f270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=t2E_ojfX20-jaVR3WBvtzUrJsyCsZh-BDLZegZ9ryKwIHqhM65uiW-0M3kkOETe1An2Hgn_xmrONrkQXmRycFnUhurEzM7b9XIppfSVJx1sjTi9bE2SB0VuwauBHOf30X9mBSFnBmry3Vb79vvSP_vZ8BLsWiyLnJmWBmbqaK9zPpZcqonnAdMXgU9my86Lp0t9PBMVaV91kRNixUCOl40FUu7EOK06TvWsdvDTdVIpdC8SmPwodBkswgkCKzeboB2D-BA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
98987321
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
recs.shareaholic.com/rec/
5 KB
2 KB
Fetch
General
Full URL
https://recs.shareaholic.com/rec/?asid=1117373&location=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&canonical=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&internal=8&sponsored=8&api_key=d312364965eb6e7a11c0be2441762d17&hp=educratsweb.com
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.36.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-36-4.compute-1.amazonaws.com
Software
/
Resource Hash
3d487fb8539bc46cf92a29e818b90290739981953ee56e264f12c969895325e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://speakdoor.blogspot.com
access-control-expose-headers
X-Client-Auth
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2044
expires
Thu, 01 Jan 1970 00:00:00 GMT
m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz...
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentfor... Frame B2D4
281 KB
100 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3TC1tV_N05l0nRCX2fIivJpogXZg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,Uas9Hd,KG2eXe,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac5ae5a9394b620eb48bf18c6b9920ac72b1d2bc0214359298b768c74e5af24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 03:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101925
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 00:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 03:13:21 GMT
vglnk.js
cdn.viglink.com/api/
81 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1334486
cf-ray
734bcb427e179196-FRA
content-length
28567
x-amz-id-2
ML7jYK3BxGj/JlwxYFocqq50fHVEbr3Hj8dv8lJVemjO+aFbcE49XVyTuQwCPc7T6FiRz1Q/2hg=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
096RS0EE98N86N58
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 10 Aug 2022 02:58:51 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,G... Frame B2D4
6 KB
3 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3TC1tV_N05l0nRCX2fIivJpogXZg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d934d9521a33bb571f35a8080a047914dd2964506a5e29a2d083227854f3fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 03:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2832
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 00:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 03:13:21 GMT
m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,F... Frame B2D4
73 KB
25 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3TC1tV_N05l0nRCX2fIivJpogXZg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c743d2e0a1681d4d6c392d8b3a5e8b08d4fa33457058bad29606a44fa5d0e9c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 03:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25836
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 00:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 03:13:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame 3D5E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D5E
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame 3D5E
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3D5E
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNXWDa-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE6QFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoN0UOIi4aoYowxAlX90KFVlSMjApSgSsP4dr-4fAVx8ZO3BD8nnN4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjg0NTEwMjY5MTU4ODkyGAA&sigh=0BIOW8TvKa0&uach_m=[UACH]&cid=CAQSGwCsnQUx-VBfFZKG8z8gkQkPi9S6wN8tWK_MjxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 03 Aug 2022 02:58:51 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3D5E
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RMwEmAKdg2ICAgAAAF8HqR4db0N0EGvk6WITH8B-k_EOiKK8kgASAAA&wp=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
server-processing-duration-in-ticks
283953
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DE5B
168 KB
53 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=3329327272&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531398&bpp=1&bdt=275&idt=357&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=lGLnwDGDA3&p=https%3A//speakdoor.blogspot.com&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
78d1c56b85bd295ec918a2b0540f25742e3bdd3afdcf971d2cb23491f48505c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KCbJnzfX20-jaVR36u5jMhGeJXhyk7xaeFi4_e9i93fWQf7SwZg3TpQbjsIqED9TXZE_TxxVvmPyL-1r4gT9fsQeyfV9pAE3ASbw2joly_8MeR8YfQWjbxwm49G7ra6Eg-BIDLdRvsFCh7Q7n7aISMFm0nBHWhONF3pyuxsr3dO4aEu90Dh2pu4kukGglLEasG7PFNq1JyW8Y2TdXrVcwaWTaAvLG0M5FMRlbg-VDidjAbMWpHWeTXiKIb6bMpUETAYq7A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
102362263
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/
151 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e75a96d71e536ee965f27d12fef7547fd95ea8173b40f0c58c3d6b849520e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54890
x-xss-protection
0
server
cafe
etag
369126996052214492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 02:58:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame D983
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D983
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame D983
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D983
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjoCva-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE7gFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_l0XUbpGWCrimEss-9tQoJJ1SiLJwO-vyzWEUuVRMeFuZTo_qnvmgAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyODQ1MTAyNjkxNTg4OTIYAA&sigh=qUcDjpLh0xM&uach_m=[UACH]&cid=CAQSGwCsnQUxJr54fLHMp4Pb_GKPXasyhOTjJOOBZRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D983
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RMwEmAKdg2ICAgAAAF8HqR4db0N0EGrk6WLblX2u7z5T06ulaQASAAA&wp=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
server-processing-duration-in-ticks
155802
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D3B4
207 KB
59 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3235462141&adf=212795810&pi=t.ma~as.6199451114&w=588&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531399&bpp=1&bdt=276&idt=377&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aIuctpEWfI&p=https%3A//speakdoor.blogspot.com&dtd=382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5a61be86510e957b0b1398525c7ad8083cccb683a3899dcf78641dad73d07de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hiC9WTfX20-jaVR3w7jlfE5HLzEjdsnWsFH13MPIuZk8RjcA6xJnvRd_UavAi7jnRH-OC95XQsq8vuFwJr5AmglYA_BVdVqWXnzHfMp-HNwRN8inTHwM22Ug_jyXrEhLtIQQzp2GMvJ8fm6gGotoxiqHTVcYYe3Nly_Kuh1NE9Q_DPdencmaIhbKx7S1XhJlt-kKF-yjzHfbL_n06BlUCK6bka96IiSswvciAWsLtwZ49bmzVShLkhMFXXWs8EytaInC8w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107241086
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame D501
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClgSOa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE6QFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zgQQFat7h_gjN5DoTFHOjx_Z4FRFvTupYInV2AjoZaULmF7aemXSYAGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjg0NTEwMjY5MTU4ODkyGAA&sigh=Y9sijWT-zuU&uach_m=[UACH]&cid=CAQSGwCsnQUxEJ8U89zQasSFFBUpm5EP-OWSFi9MDRgB
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D501
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kN70E9yBMKAB2ASdg2ICAgAAAF8HqR4db0N0EGvk6WI0B1pCBkICNtGnSAASAAA&wp=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
server-processing-duration-in-ticks
227860
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame EE39
46 KB
18 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3767802fb6e81fa5b0f0b86afdd332b0528fadb019728eab6444e9c42a6dab6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=A0SIVTfX20-jaVR3Mq9djOPzoCXiW1F9-zG1-RJSH0gYgjYOqwQQSh8TPggGrwgiYsfv-maEnGGF20bm1qf0KSvPULM53cwj0tfMtIsg5mODBwjGJBqN3i0TMvKOcatKyl2MFuKuAuwYEEiAsVcKVRjX8zxbcOcnWzUx4jrn82bAe8QiG1DRhE8zlI1xLGL0fFPirWEeAzCXw1BH7QwlPCUDWlYJbmUSdX8zgyhRD0yqV0GJ_wwUPKroVFDhV3BqaUm2Mg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5966493
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame D501
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D501
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame D501
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=600&slotname=6199451114&adk=1087211778&adf=882022816&pi=t.ma~as.6199451114&w=278&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=278x600&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531471&bpp=2&bdt=349&idt=345&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280%2C588x352&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=986&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vzVIQEasG2&p=https%3A//speakdoor.blogspot.com&dtd=347
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame AB08
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 20:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 20:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 20:55:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame AB08
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:07:44 GMT
7219d8b4753271ce4192f2ee66d7db28.js
www.gstatic.com/mysidia/ Frame AB08
22 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7219d8b4753271ce4192f2ee66d7db28.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae635aa632e6e57598324d48c5b288e1bf21441b4e46d8ef54c40130a7780b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 21:54:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9375
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 20:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 21:54:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/ Frame AB08
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 01:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
server
cafe
etag
17733382080043146658
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:48:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame AB08
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB08
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame AB08
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
m=bm51tf
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,E... Frame B2D4
1 KB
698 B
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3TC1tV_N05l0nRCX2fIivJpogXZg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
900877c3f6342ae0289e6287759b3cf36eb1bfe95813de9f49d3665485c4a9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 03:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
672
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 00:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Aug 2023 03:13:22 GMT
log
play.google.com/ Frame B2D4
131 B
672 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/am=cQACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2uSsRgae6UQuTW2VWBo83S23uNGQ/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://www.blogger.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 03 Aug 2022 02:58:52 GMT
api.js
www.google.com/recaptcha/ Frame B2D4
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.nrclM-_PVcU.es5.O/ck=boq-blogger.BloggerCommentUi.VM8PAZtDOww.L.B1.O/am=cQACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3TC1tV_N05l0nRCX2fIivJpogXZg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,Uas9Hd,KG2eXe,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
607adf46c67a9119b2e6e39fd963516a2b7df0aa355aae0c84fdb6ed2d136a65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
669
x-xss-protection
1; mode=block
expires
Wed, 03 Aug 2022 02:58:52 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 210E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 210E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 210E
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 29 Jul 2023 02:58:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 210E
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 29 Jul 2023 02:58:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 210E
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=j2618aIgar3PdS5R9BM-mVDRxQXjUE2Oslcx-3IYpKDhFINtSyYQWcRMURf6Jm6gAlUYrFK5CRcWmyoHfSQHTOGWDHAh9FOjs0J3cWQyp5zd6I_59mr6pt2IXK8Pjg-FXy1ozN268U9DCJCs5I8nnqFv6acG17DJEJ0CMM35UpFoC_RRnFlkzpEmHKeFdlogSzgdal9Tm_JnRmTWvBJfrii0t2ljGxs4-m-Yp0cCCTmgUXBYFJJ9gbIKAoLhIB6_-4Zg4yZHTgg4VMtAJcFigoVdol_LpGpkynt6U8gLyUjg7bWYzhfMtWFBfGjGk8jqVGq7uAvIrjbIjBVHpGVPE4-dxUDhnoP-aHXGoWYK8iJwCS4M3RZCi-eUwcc1reesEDkOJm_KUGXp6CbOgprhHsAJeGI7pJ0RTsoSAZ1aLpSVmEnuc203kff7JE_SBCS5LkDdNQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3007880
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 210E
0
688 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659495531
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
3za--01WXlQwrEh42vxkNrSaJnlh9jMleLlUgn45OveIwnsIYQ0tMg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=speakdoor.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=speakdoor.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/ Frame E2DE
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2284510269158892&plah=speakdoor.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://speakdoor.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Aug 2022 06:29:33 GMT
etag
8616628553774171045
expires
Tue, 16 Aug 2022 06:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame DE5B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DE5B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DE5B
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 29 Jul 2023 02:58:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DE5B
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 29 Jul 2023 02:58:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame DE5B
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=8eSft6Igar3PdS5R9BM-mVDRxQV9TYwUabPeTt7lQ0TBSv0GjwggxWINgTSi-yHj8pTnZlM08FaumGO32QE1OBCxcOCdpRn_IYjZ8NUnWGg7WAN3LhVD5IN5TK3hNnCKSA3R4QKiMOGAMtA0JGTFnd2nBTiBmyGzS01O5dMU3kgCjVGkBP1_DoA0uziOeX4NwcChLpYWFFNmkYBWPZzUCBaRSiIsFVbTUBWvBLmyIxh6HURy7vYtD8WO31aZp59ZPTPT1NIUunA-8bb0Zephw08XMc9LkvTGKFk4yTsn5BiuiBkLwBw96_TpBCHadDYxnkOeztMCRVJ0SOlo0FbbCvOmdEvTeJTm8tvmCUR9fG2pCH1lOxf9x4Ex7jxRQ8ys7DvGrwWYjrD3_3b5QR0F89OQSucWQW3SwkCHmiMO0JM4EHtk
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3544428
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame DE5B
0
692 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659495531
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
-qGk65Dp0vVyZDIxGjlrZBI35d3X5QZ4XWFqMYEHSwLX2THOwYWUUQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame EE39
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EE39
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EE39
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 29 Jul 2023 02:58:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EE39
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 29 Jul 2023 02:58:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame EE39
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Tt5LeiQLjrOseJBEJiDOw6X0P0zeSBH9XIp4VJxl2ZnxEVBl26XZ6cqRC3ReSgeo4Lta_z2h9rzt8rFrR6rtBLIbYXCfDnXrEHPrgdFG_U6AUe6nYpWd3YwQEu7Auvw8GC5ZNmU2TvuH43-EuhsnrGfZsxNhAuts7wHjqi05QIgNVSGpWxO3Vz33a6F4JQMN0r8XFJ0LXGg4bXmgkhsVzto89zV3A2cvLKJPWU2nOK9Rt1uuAa4u8i6rWFaXyuDYlp84cNbHesis2-8QqoUt8yjp7jkOz5QFcXWJFDgxLtjD4nhmpAGWt-6tP_JculRhDDTs7_XG-CDCPEzCa6kRAxFURG2QZCaE3C6v6I3pdBqlckwNRP3FQBxEWqcwWU-_Ej3j6b89EEExcjwGzepcW8yhLAjjBfdTqCfHarHZQeasAqlWEF4FTwwaL1ebLFT8GVs7kA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3329000
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
1944a3bdd8a24ecbbd9131b26ee40717_image_ad_160x600.png
static.criteo.net/design/dt/94486/220714/ Frame EE39
33 KB
34 KB
Image
General
Full URL
https://static.criteo.net/design/dt/94486/220714/1944a3bdd8a24ecbbd9131b26ee40717_image_ad_160x600.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3c63b1da0d19abc611b8d544a6691c608d60afd3bd2921a4254ecf453d777208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 14 Jul 2022 13:31:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62d01ac4-84c8"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33992
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D3B4
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D3B4
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D3B4
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 29 Jul 2023 02:58:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D3B4
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 29 Jul 2023 02:58:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame D3B4
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Pu2GV6Igar3PdS5R9BM-mVDRxQW1lY9H9wCJCZ55ma8h8Qs9IStrY52QjmnA3qK5VJWuL1_Vlf9sF6y_xwfjcBCQL0nDgCiyDH2FQKcJ72oQNZgZUe0ZA0xUvWyhYFW8ZxuB6CQaZWZuejgRmimTJNtwV4VQrGDSf4JW8o4tkRzXuI1BhKStuIKgHX5OIWWlezC3laZqi8MXyBa3TQCziZraSnOw9QUU2NRslSWXCeYfM0yjxDbsPsLYojXNBxmIQ163wPsP_0F8JiVEgz19_k3MRn7ZQeqge6_hBytVGlOzpAa5_TtbWxLPtwTbs6fjttLVJBkVRdgvrd_za7gevJ5CPirV-QuyppG0nayfng1D0Ip3S-2rcouaNtAdh57-o8exL-_CF_x1aHEvW-cLWYJha6JKAvMfVN30fsXc9RSQQ8QbA2-ptITPLXKKso55dXjZTA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3274459
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame D3B4
0
689 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659495531
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
aJJnnp6WzUM3IcajLofTghmIb4hHuAwrKrITr8oTdYv8ASQbEfqGRw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame 0822
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e21bdd287570ecca2d6f8450c8ebd20ab7c625ec7a5c22d7f2156d1eccd6059f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D983
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed92bf9e67712bf822ccdf0744fa198a0238525139c0bac9af0db4de441e507

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame EE39
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=A0SIVTfX20-jaVR3Mq9djOPzoCXiW1F9-zG1-RJSH0gYgjYOqwQQSh8TPggGrwgiYsfv-maEnGGF20bm1qf0KSvPULM53cwj0tfMtIsg5mODBwjGJBqN3i0TMvKOcatKyl2MFuKuAuwYEEiAsVcKVRjX8zxbcOcnWzUx4jrn82bAe8QiG1DRhE8zlI1xLGL0fFPirWEeAzCXw1BH7QwlPCUDWlYJbmUSdX8zgyhRD0yqV0GJ_wwUPKroVFDhV3BqaUm2Mg&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EE39
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EE39
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
animejs.js
static.criteo.net/animejs/ Frame 210E
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame 210E
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame 210E
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=179433
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame 210E
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=879328
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame 210E
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2Flogoumlaut-22544DE-2011191708.gif%3Feb%3D1&v=3&w=800&s=AkP6VzvhlWQHomqr6ocOPfaW&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1768494
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1403
expires
Tue, 23 Aug 2022 14:13:47 GMT
img
pix.eu.criteo.net/img/ Frame 210E
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541262
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sat, 20 Aug 2022 23:06:35 GMT
img
pix.eu.criteo.net/img/ Frame 210E
898 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=800&s=oYyeyoIGWuLVJQzf4NyU10P1&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1818347
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
898
expires
Wed, 24 Aug 2022 04:04:39 GMT
img
pix.eu.criteo.net/img/ Frame 210E
3 KB
4 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=800&s=JijzJWBzMZm7U9QYvYYkey6k&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=32358
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Wed, 03 Aug 2022 11:58:11 GMT
all
csm.eu.criteo.net/ Frame 210E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=t2E_ojfX20-jaVR3WBvtzUrJsyCsZh-BDLZegZ9ryKwIHqhM65uiW-0M3kkOETe1An2Hgn_xmrONrkQXmRycFnUhurEzM7b9XIppfSVJx1sjTi9bE2SB0VuwauBHOf30X9mBSFnBmry3Vb79vvSP_vZ8BLsWiyLnJmWBmbqaK9zPpZcqonnAdMXgU9my86Lp0t9PBMVaV91kRNixUCOl40FUu7EOK06TvWsdvDTdVIpdC8SmPwodBkswgkCKzeboB2D-BA&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 210E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 210E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E2DE
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkmnRa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTqAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6sjmvnTnglZnlHxaZUixRIOXvjtDrhzGHU9sXA6nUqA5Rl-j7SI2oAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjg0NTEwMjY5MTU4ODkyGAA&sigh=HXYaLQ9pKQ8&uach_m=[UACH]&cid=CAQSGwCsnQUxiGg5_LjpgsDR-5s6YIQcQRcDOyDAshgB
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame E2DE
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAA_MjcXYaThzQQa-TpYtHuvsD_TN7YYiS-ABIAAA&wp=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
server
Kestrel
server-processing-duration-in-ticks
283025
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1F12
168 KB
54 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e801530c93fa2410663b47482b43c034bcc51c0f839002503538ce0e40ef0421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6c3bZjfX20-jaVR3W7r4FrZ_UuPaf7bOuzlUYooZfYccB5twMBQy5fFR8sTXsD31kF2UE1_sPZrRt1SKMOdd5Ds9yuQ8GUWv0D5iH4Owb2joijZ4uzonEQO9yZ84u5Pbr5cSV3dqZM5QRpjuuIwWbdo4QQUBiiTgnJJBvHPcXlFZurCQ6rt9DhDfujuCKoTiNkHtmiMFz3_CD8ec4WsD1Aw9960J1K_unKQAHlw84IXK0Bkbzibes3YgbVQmZbSBoQeNcQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
103350383
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame E2DE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:00:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2DE
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 02:58:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/ Frame E2DE
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:05:36 GMT
truncated
/ Frame D501
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0959173b226adaa48c9dd2f5e567ea840f1a5bfca6679109f39b803e5755e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3D5E
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8eb28791e16c37c7f0706c00da6f250e9aa1a7f0a60f6681bc730c4848c9e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame DE5B
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=179433
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2Flogoumlaut-22544DE-2011191708.gif%3Feb%3D1&v=3&w=400&s=h6MSrvCuLLNFEP2MLoODan37&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1768494
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1403
expires
Tue, 23 Aug 2022 14:13:47 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=879328
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541262
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sat, 20 Aug 2022 23:06:35 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
3 KB
4 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=400&s=2-_TANSLS_KEsZlOLAgpT42z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=32358
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Wed, 03 Aug 2022 11:58:11 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
6 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoWentzel-Dr-GmbH-72929DE-2203151009.gif%3Feb%3D1&v=3&w=400&s=uCg-mOa70Sq-wX6b2LZcSwAb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cde9e51128d4ee7ca1a42dddb79b1cc1c3b23387aa3b610b2a866971a70c8707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=819635
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5758
expires
Fri, 12 Aug 2022 14:39:28 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=400&s=OEC11Z9rjyZetjUjA1x1yYe1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1732
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
966 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoEnterprise-Autovermietung-Deutschland-GmbH-153745DE.gif%3Feb%3D1&v=3&w=400&s=UVU4F-OS6-7KqWNCMLQy8kE1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
81b3a0e1a674b19b86930db69495ebf54f462859737be1bae1ccb8ddf472d540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=369984
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
966
expires
Sun, 07 Aug 2022 09:45:16 GMT
img
pix.eu.criteo.net/img/ Frame DE5B
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=914366
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 13 Aug 2022 16:58:17 GMT
all
csm.eu.criteo.net/ Frame DE5B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KCbJnzfX20-jaVR36u5jMhGeJXhyk7xaeFi4_e9i93fWQf7SwZg3TpQbjsIqED9TXZE_TxxVvmPyL-1r4gT9fsQeyfV9pAE3ASbw2joly_8MeR8YfQWjbxwm49G7ra6Eg-BIDLdRvsFCh7Q7n7aISMFm0nBHWhONF3pyuxsr3dO4aEu90Dh2pu4kukGglLEasG7PFNq1JyW8Y2TdXrVcwaWTaAvLG0M5FMRlbg-VDidjAbMWpHWeTXiKIb6bMpUETAYq7A&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DE5B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DE5B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame AB08
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&ups=1&v=3&w=800&s=VXUQypBhkE2emCWeJm0w2DzE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0b1680a8e4662f0539158fdc3b97f89656dfb10b4f9400396b7f9681b9e21859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=179433
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2358
expires
Fri, 05 Aug 2022 04:49:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AB08
81 KB
81 KB
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23019
x-xss-protection
0
pad_screenshot_240x180.gif
cdn.soft112.com/tangram-7/00/00/00/3A/0000003APG/
17 KB
17 KB
Image
General
Full URL
https://cdn.soft112.com/tangram-7/00/00/00/3A/0000003APG/pad_screenshot_240x180.gif
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
820e00de6abb3aaa6d599d967f94efe32c51e88950dfdb53bb9028b806a81d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 09 Oct 2017 17:03:09 GMT
server
NetDNA-cache/2.2
etag
"435f-55b202a38cd40"
x-cache
HIT
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
17247
expires
Wed, 10 Aug 2022 02:58:52 GMT
GeoGebra%2BMath%2BApps.png
1.bp.blogspot.com/-OTQnolZFlWI/YI0SlzbT6iI/AAAAAAAATT8/qq7iar0iupYlhMz46smNV1qLGfoVCWr6QCLcBGAsYHQ/s0/
106 KB
106 KB
Image
General
Full URL
https://1.bp.blogspot.com/-OTQnolZFlWI/YI0SlzbT6iI/AAAAAAAATT8/qq7iar0iupYlhMz46smNV1qLGfoVCWr6QCLcBGAsYHQ/s0/GeoGebra%2BMath%2BApps.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5cd70f8c2c548ec95cc3450bb485b839cec7a8ea050897353100add4a5d4cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:25 GMT
x-content-type-options
nosniff
age
27
content-disposition
inline;filename="GeoGebra Math Apps.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108330
x-xss-protection
0
server
fife
etag
"v4d40"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:58:25 GMT
GeoGebra%2BMath%2BApps.png
1.bp.blogspot.com/-OTQnolZFlWI/YI0SlzbT6iI/AAAAAAAATT8/qq7iar0iupYlhMz46smNV1qLGfoVCWr6QCLcBGAsYHQ/w72-h72-p-k-no-nu/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-OTQnolZFlWI/YI0SlzbT6iI/AAAAAAAATT8/qq7iar0iupYlhMz46smNV1qLGfoVCWr6QCLcBGAsYHQ/w72-h72-p-k-no-nu/GeoGebra%2BMath%2BApps.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
897e3372189781bc03dca169574bc3c145cd1adff7595cf2fa233207c071b032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:25 GMT
x-content-type-options
nosniff
age
27
content-disposition
inline;filename="GeoGebra Math Apps.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3462
x-xss-protection
0
server
fife
etag
"v4d40"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:58:25 GMT
animejs.js
static.criteo.net/animejs/ Frame D3B4
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=179433
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=879327
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541262
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sat, 20 Aug 2022 23:06:35 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGeneral-Consulate-of-the-state-of-Kuwait-Health-Office-DE.gif%3Feb%3D1&v=3&w=800&s=-dLqZvCSFRucRx0Gl31M5LGs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ec726bd933fd745a283039066e9e60536ce6c98df3221b078164ef72ceb570eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1054793
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1376
expires
Mon, 15 Aug 2022 07:58:45 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2Flogoumlaut-22544DE-2011191708.gif%3Feb%3D1&v=3&w=800&s=AkP6VzvhlWQHomqr6ocOPfaW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1768494
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1403
expires
Tue, 23 Aug 2022 14:13:47 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
3 KB
4 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=800&s=JijzJWBzMZm7U9QYvYYkey6k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=32358
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Wed, 03 Aug 2022 11:58:11 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
966 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoEnterprise-Autovermietung-Deutschland-GmbH-153745DE.gif%3Feb%3D1&v=3&w=800&s=U5H84uopB27cQLx8WSpo245D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
81b3a0e1a674b19b86930db69495ebf54f462859737be1bae1ccb8ddf472d540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=369983
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
966
expires
Sun, 07 Aug 2022 09:45:16 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=800&s=P1iwqlztP-6RPDJ2TSVIR8NP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1226
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1099277
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1100
expires
Mon, 15 Aug 2022 20:20:09 GMT
all
csm.eu.criteo.net/ Frame D3B4
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hiC9WTfX20-jaVR3w7jlfE5HLzEjdsnWsFH13MPIuZk8RjcA6xJnvRd_UavAi7jnRH-OC95XQsq8vuFwJr5AmglYA_BVdVqWXnzHfMp-HNwRN8inTHwM22Ug_jyXrEhLtIQQzp2GMvJ8fm6gGotoxiqHTVcYYe3Nly_Kuh1NE9Q_DPdencmaIhbKx7S1XhJlt-kKF-yjzHfbL_n06BlUCK6bka96IiSswvciAWsLtwZ49bmzVShLkhMFXXWs8EytaInC8w&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D3B4
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D3B4
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame B2D4
381 KB
151 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
Origin
https://www.blogger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 21:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154709
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 21:03:15 GMT
lgn.php
cat.fr.eu.criteo.com/delivery/ Frame AB08
43 B
347 B
Fetch
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=F5zIzC5f9Tv4It1Vt-rVQBMGTVIMHuG5W_3DE_rYgMW9TudUE7p2zjkYCVJunAvTPXjZHya2xBWvIUmPCc5ORu2UWPH5oT8M1CqWk1CwzrTRMJKOcYCFSKW7ag_LWsxUcoXrsdspAfr5SKM_csBSOTI1nH2UCJjoXkEBlFUS_EHjYFKbsOEkIZpmTzsjHrb-l-s4ulDpkcY13Pg9LTolOycoo4Fk4IZjN_luWsIQT3d0UHOwMHNzUfsRf396vgAcJ1JVygWqsWD7p4kMDpqkcMXUF6wk5C8MuaTm_ODKTmW5DQ2O0tYCjNfl289g4xyHLFGOq1rsntsGj4aHx12RrWuMUmq-t82xbrMrzKWpD2wCU3ivPPAquhRzOYXvH7wxfcmTX08oLVAtNIHjel-4DHe2mFC3-IPQKtwffgvPfOVQEG4fGDmji_zRarn8d1ve6cSSN3KOqnbC8YPtAHVC8T5HuSA&z=YunkawAMg_cIu_BsAAJ0DseGPQhxWwqxQjgCvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2856017
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame AB08
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EIrGMAAAnYNiAgIAAACsDLLoIxfFFhBr5Oli5kRoGNebVqne0ysAEgMB&wp=YunkawAMg_cIu_BsAAJ0DseGPQhxWwqxQjgCvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
server-processing-duration-in-ticks
246523
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame AB08
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkAAKa-TpYveHMuzg7_UPjuiJoAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7gFP0KZTkE3q6XXJMesVjgEjdNzR1xtUy-CXtvEZ-WPOzuIOaheESLlYSyqL1lY0s8THtfgwi-rovvJIdqqoS_5S_h_Shk5xmrUnJX8s2fPFHKhM8hQUVKTN5hFG9cMXT0bz8Gsz-7oGZC6HtQ2ZUzx4bQf-n795lDra77zBJzfXALRzYukcIRH5paGuyd1aKumCm0JDDQkxnT3SZh6Oj4nWHENiNsQ0N7-as5vNhH9iCo0kDDcT4ABEm7toOwKautIKoV_EAFBkIYs1PF84fOw7QxfgjEqr9qTdcpqeYie3AaDIvXD5VO9ZL_3kLLKUgAbwg7GHruPk3SKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyODQ1MTAyNjkxNTg4OTIYAA&sigh=rm1GMouwudU&uach_m=[UACH]&cid=CAQSGwCsnQUxAi8Qpca_Eh9RGywn4ok9IeChgjZdihgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame AB08
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CM5Dta-TpYveHMuzg7_UPjuiJoAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAcgDAqoE7gFP0KZTkE3q6XXJMesVjgEjdNzR1xtUy-CXtvEZ-WPOzuIOaheESLlYSyqL1lY0s8THtfgwi-rovvJIdqqoS_5S_h_Shk5xmrUnJX8s2fPFHKhM8hQUVKTN5hFG9cMXT0bz8Gsz-7oGZC6HtQ2ZUzx4bQf-n795lDra77zBJzfXALRzYukcIRH5paGuyd1aKumCm0JDDQkxnT3SZh6Oj4nWHENiNsQ0N7-as5vNhH9iCo0kDDcT4ABEm7toOwKautIKoV_EAFBkIYs1PF84fOw7QxfgjEqr9qTdcpqeYie3AaDIvXD5VO9ZL_3kLLKUgAbwg7GHruPk3SKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyODQ1MTAyNjkxNTg4OTIYAA&sigh=Xx4wPNxElwU&uach_m=[UACH]&cid=CAQSGwCsnQUxAi8Qpca_Eh9RGywn4ok9IeChgjZdihgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=352&slotname=6655585604&adk=1606311184&adf=2466936919&pi=t.ma~as.6655585604&w=588&cr_col=4&cr_row=2&fwrn=2&lmt=1659493775&rafmt=9&psa=0&format=588x352&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531400&bpp=1&bdt=277&idt=391&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C588x280%2C588x280&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=DMG7eA7igE&p=https%3A//speakdoor.blogspot.com&dtd=393
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 03 Aug 2022 02:58:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame AB08
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d169914045934d7c4fb847ab9fc924865d2dc3f776d9a2dbb27d889b47530a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame 210E
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
screenshots.png
www.libreoffice.org/themes/libreofficenew/img/
202 KB
202 KB
Image
General
Full URL
https://www.libreoffice.org/themes/libreofficenew/img/screenshots.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:1828:a012:168::1 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
d8a6f5b2f6b0a036dd8f45469c1e67144167dbb72c5bf2bc9ae42671f7dd4c21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 05 Feb 2021 13:13:47 GMT
server
nginx/1.10.3
etag
"601d448b-326e9"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
content-length
206569
expires
Wed, 17 Aug 2022 02:58:52 GMT
lo52-writer-01.png
www.libreoffice.org/assets/Uploads/Discover/LO52-Screenshots/
129 KB
129 KB
Image
General
Full URL
https://www.libreoffice.org/assets/Uploads/Discover/LO52-Screenshots/lo52-writer-01.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:1828:a012:168::1 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
fe756fda126ce5fbc429e07ffb9a25cb339816c4dfcb4b089922dfb877391d24
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 03 Aug 2016 09:15:52 GMT
server
nginx/1.10.3
etag
"57a1b648-203d0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
content-length
132048
expires
Wed, 17 Aug 2022 02:58:52 GMT
dlp-button.png
www.libreoffice.org/assets/Uploads/dlp/images/
22 KB
22 KB
Image
General
Full URL
https://www.libreoffice.org/assets/Uploads/dlp/images/dlp-button.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:1828:a012:168::1 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
daf34e90a5a60fff8fd3adbf8e765943cc8b32805921647e91ab402e49708d4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 21 Nov 2016 13:18:30 GMT
server
nginx/1.10.3
etag
"5832f426-58d1"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
content-length
22737
expires
Wed, 17 Aug 2022 02:58:52 GMT
ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

img
pix.eu.criteo.net/img/ Frame DE5B
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1F12
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 29 Jul 2023 02:58:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1F12
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 29 Jul 2023 02:58:52 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1F12
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0CWxVPEQXosB4o_DSZQa_qdMyZ68b6KMmSG_ssghvkpqNSRwbnSQUp0jFyGXQnih2VVllFtiWKioXK0byh5QYB60oChQVK2xSneM2buot0oSGd6P-XhBk_wyOO1eMKaC-FKuWlpmqI5TMZzN28Fwd5ytxn7duKZlVxyvZV7G16E2okzoV_FGWGVxa17CTt_FzrQbF2nfYOYcCh7oE68r7Q5ezBcIPgkaUXdBHuEPfoadgQKtZchSjp4PfVEDL7rcon9eIXnXA7ZKzqSa-NClOyn5haxii7VC6A8GgkrkUpL5E-LcCLmSa0YYtZwxVqflEjixAzG0-VbZ6-YbKPqeXPnThhhuKD3Skf1yEj64tG06G6e2R5faiEGWqao0mcMyPD3HaJTdM7fBv-HPRtl11xDrg053aiJ-KHeSiKgHaWh5_r1NMjJw5_xsr4ejR6J4Lx9V_Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:51 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3488039
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 1F12
0
688 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659495532
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
P4Pk4GrgFlPyZd_N2lQQa95U2_BKC0sngrqp1Oe5NaGwoPdvGOsFfA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
img
pix.eu.criteo.net/img/ Frame D3B4
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
truncated
/ Frame E2DE
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc31ffbfbcc139080ae8b9525e184111a7c2bed2e40aef76e1e996fb0339208

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 1F12
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
966 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoEnterprise-Autovermietung-Deutschland-GmbH-153745DE.gif%3Feb%3D1&v=3&w=800&s=U5H84uopB27cQLx8WSpo245D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
81b3a0e1a674b19b86930db69495ebf54f462859737be1bae1ccb8ddf472d540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=369983
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
966
expires
Sun, 07 Aug 2022 09:45:16 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=879327
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=179433
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541262
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sat, 20 Aug 2022 23:06:35 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2Flogoumlaut-22544DE-2011191708.gif%3Feb%3D1&v=3&w=800&s=AkP6VzvhlWQHomqr6ocOPfaW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1768494
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1403
expires
Tue, 23 Aug 2022 14:13:47 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=YDZD8YNsk-thdpVjdHXSz5nU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29052289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame 1F12
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=800&s=YXBCFE_KtriTAH1bLSFU1EZt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1732
expires
Sat, 29 Jul 2023 02:58:52 GMT
all
csm.eu.criteo.net/ Frame 1F12
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6c3bZjfX20-jaVR3W7r4FrZ_UuPaf7bOuzlUYooZfYccB5twMBQy5fFR8sTXsD31kF2UE1_sPZrRt1SKMOdd5Ds9yuQ8GUWv0D5iH4Owb2joijZ4uzonEQO9yZ84u5Pbr5cSV3dqZM5QRpjuuIwWbdo4QQUBiiTgnJJBvHPcXlFZurCQ6rt9DhDfujuCKoTiNkHtmiMFz3_CD8ec4WsD1Aw9960J1K_unKQAHlw84IXK0Bkbzibes3YgbVQmZbSBoQeNcQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 29 Jul 2023 02:58:52 GMT
e
go.shareaholic.com/
43 B
383 B
Ping
General
Full URL
https://go.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.122.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-122-58.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
https://speakdoor.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
https://speakdoor.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
ABLy4Ezn1vAmX6UhS9lO9n1ieOqzyjdoslOW3weWV6BfiVlLBUazgrqFcgqrJRpG9nkIdH1C8lUCTFaG2o3xzvDSCkQyWaG0tAeJ9y_6TqrEyJZZ6hXr=w1600
lh3.googleusercontent.com/blogger_img_proxy/
29 KB
29 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ezn1vAmX6UhS9lO9n1ieOqzyjdoslOW3weWV6BfiVlLBUazgrqFcgqrJRpG9nkIdH1C8lUCTFaG2o3xzvDSCkQyWaG0tAeJ9y_6TqrEyJZZ6hXr=w1600
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9e4cf3c1b8ee231ae6346311d558c7017ff7efaf00f8c81380a953d3620f16a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:51:01 GMT
x-content-type-options
nosniff
server
fife
age
471
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29747
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:51:01 GMT
%2BBihar%2BSwasthya%2BSuraksha%2BSamiti%2B%25282%2529.jpg
1.bp.blogspot.com/-7d4ffovS7LY/XvNSNsL7H7I/AAAAAAAAQlY/lRMBLm7NkQYBLli8C3lRMMNEfunXFCM6wCLcBGAsYHQ/w1600/
114 KB
114 KB
Image
General
Full URL
https://1.bp.blogspot.com/-7d4ffovS7LY/XvNSNsL7H7I/AAAAAAAAQlY/lRMBLm7NkQYBLli8C3lRMMNEfunXFCM6wCLcBGAsYHQ/w1600/%2BBihar%2BSwasthya%2BSuraksha%2BSamiti%2B%25282%2529.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
60ba67021201dbce9a21495e904af6bac894567da6af853b8375b944c4872402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:49:59 GMT
x-content-type-options
nosniff
age
533
content-disposition
inline;filename=" Bihar Swasthya Suraksha Samiti (2).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116669
x-xss-protection
0
server
fife
etag
"v4258"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:49:59 GMT
622119239-medical-procedure-surgery-doctor%2527s-office-medical-examination-medicine-breathing-789647.jpg
2.bp.blogspot.com/-o0wL8hfk_WQ/WT7M0QvAXCI/AAAAAAAAAYk/-kEUdqZ8OwU0RxSc0c15SkWjQJ90y-5JwCK4B/w1600/
24 KB
24 KB
Image
General
Full URL
https://2.bp.blogspot.com/-o0wL8hfk_WQ/WT7M0QvAXCI/AAAAAAAAAYk/-kEUdqZ8OwU0RxSc0c15SkWjQJ90y-5JwCK4B/w1600/622119239-medical-procedure-surgery-doctor%2527s-office-medical-examination-medicine-breathing-789647.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1e881df9713df5d1063c70b5de21a23a11210d2a6998911d1779bf66be113789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:50:52 GMT
x-content-type-options
nosniff
age
480
content-disposition
inline;filename="622119239-medical-procedure-surgery-doctor's-office-medical-examination-medicine-breathing-789647.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24391
x-xss-protection
0
server
fife
etag
"v18a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:50:52 GMT
ABLy4Eyzf6w9rxP_JgWpMkj8IQLqmabETs6YjC4mWPqeN2xcZADe_zlfde8lYD6bx67ryrAYg-U4-wjUPN47ZkdB3rleWEoXYYSAad5VcINJXp_f2H8=w1600
lh3.googleusercontent.com/blogger_img_proxy/
35 KB
35 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Eyzf6w9rxP_JgWpMkj8IQLqmabETs6YjC4mWPqeN2xcZADe_zlfde8lYD6bx67ryrAYg-U4-wjUPN47ZkdB3rleWEoXYYSAad5VcINJXp_f2H8=w1600
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
24575a0833bfd34af74c67cee04f58ac161975ff4cd834d572a14bde9839bdb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:52 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35931
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ANbyha0AUEbPhfr6G6cDw9bZrVvTy4YuXY3mEhCZoLmSlkVNFTa4oGYjRjgPaaS64Ew4P3FBD92CYZSe4PS-GO0K7znOEpU7xCzfZTeDXrNCIuHq7LkWzMhOMZBuepKBwZqbIk_o_dDdGR8PxKgNxrjahPfYZMmPoy-izCbQgPMWkfADLqqiAmWXs39FmuoPAP3-T...
lh3.googleusercontent.com/blogger_img_proxy/
21 KB
21 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0AUEbPhfr6G6cDw9bZrVvTy4YuXY3mEhCZoLmSlkVNFTa4oGYjRjgPaaS64Ew4P3FBD92CYZSe4PS-GO0K7znOEpU7xCzfZTeDXrNCIuHq7LkWzMhOMZBuepKBwZqbIk_o_dDdGR8PxKgNxrjahPfYZMmPoy-izCbQgPMWkfADLqqiAmWXs39FmuoPAP3-TQExPQ1vGNDGCdxdSi8h8Da31GElodh8lcYDVylSr6qhWUD0MGhuNV6g0BCSPKeAG_IundhWKA
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
413ef1dd78b2ad40c10809518ec8fdff9da166c9e8d45d9eda64a9b0316e2e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:43:40 GMT
x-content-type-options
nosniff
server
fife
age
912
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21737
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:43:40 GMT
CFMS%2BBihar.png
1.bp.blogspot.com/-FPWiu7iI3-o/X1ZAMNbD98I/AAAAAAAARTQ/BifQWNaNrLsnG6HA1C1BmXTseoxMXo25QCLcBGAsYHQ/s16000/
201 KB
201 KB
Image
General
Full URL
https://1.bp.blogspot.com/-FPWiu7iI3-o/X1ZAMNbD98I/AAAAAAAARTQ/BifQWNaNrLsnG6HA1C1BmXTseoxMXo25QCLcBGAsYHQ/s16000/CFMS%2BBihar.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a3884aed17cfa72eaf7bb7e875d0a378fc641ba237c33ae8eebc991d8790ef5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:50:00 GMT
x-content-type-options
nosniff
age
532
content-disposition
inline;filename="CFMS Bihar.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205951
x-xss-protection
0
server
fife
etag
"v4535"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:50:00 GMT
Big%2BBazar%252C%2BBudh%2BMarg%252C%2BPatna%2B%25281%2529.jpg
1.bp.blogspot.com/-jYhG5fkOdDY/XvNyMhcKafI/AAAAAAAAQuI/Ta9Xziq5gpImYmEFjYlDZSNWZZj2vl5fACLcBGAsYHQ/s320/
33 KB
33 KB
Image
General
Full URL
https://1.bp.blogspot.com/-jYhG5fkOdDY/XvNyMhcKafI/AAAAAAAAQuI/Ta9Xziq5gpImYmEFjYlDZSNWZZj2vl5fACLcBGAsYHQ/s320/Big%2BBazar%252C%2BBudh%2BMarg%252C%2BPatna%2B%25281%2529.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2b708c415e0acba472a2ec055943b7a21d1169badd4b6e7a453167f7b5e4a3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:47:16 GMT
x-content-type-options
nosniff
age
696
content-disposition
inline;filename="Big Bazar, Budh Marg, Patna (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33578
x-xss-protection
0
server
fife
etag
"v42e9"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 04 Aug 2022 02:47:16 GMT
ABLy4EzdwWxz4GSSj2iiIHjpkqfe2TestVvwQmtWWiUE7pXLp54om8UHspOtANxcnnX7uVFc5vHl2RZaFWozGcg_271ZTPq6q_wDqs2-NCvL4joN7ffj2GJdGbqhMBYHfUWDha_H8acTMNO-0ReUiz3px0je=w1600
lh3.googleusercontent.com/blogger_img_proxy/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzdwWxz4GSSj2iiIHjpkqfe2TestVvwQmtWWiUE7pXLp54om8UHspOtANxcnnX7uVFc5vHl2RZaFWozGcg_271ZTPq6q_wDqs2-NCvL4joN7ffj2GJdGbqhMBYHfUWDha_H8acTMNO-0ReUiz3px0je=w1600
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7a5a82f2e97d82cf3a0c6b04f8d062f731f6fc3f5a7fca5984a7ee288afab94c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:43:45 GMT
x-content-type-options
nosniff
server
fife
age
907
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3392
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:43:45 GMT
asid
recs.shareaholic.com/
101 B
315 B
Fetch
General
Full URL
https://recs.shareaholic.com/asid?location=https%3A%2F%2Fspeakdoor.blogspot.com&api_key=d312364965eb6e7a11c0be2441762d17
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.36.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-36-4.compute-1.amazonaws.com
Software
/
Resource Hash
3223dd6921ebecca9a640a6ec21d0a80fb4da2ae171475d890ce0a321038fa57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://speakdoor.blogspot.com
date
Wed, 03 Aug 2022 02:58:53 GMT
access-control-allow-credentials
true
content-type
application/json
content-length
101
vary
Origin, Accept-Encoding, User-Agent
access-control-expose-headers
X-Client-Auth
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/gif
logo.png
tmc.gov.in/ncg/templates/jsn_megazine_pro/images/colors/green/
6 KB
6 KB
Image
General
Full URL
https://tmc.gov.in/ncg/templates/jsn_megazine_pro/images/colors/green/logo.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2405:8a00:6013::101 , India, ASN55824 (NKN-CORE-NW NKN Core Network, IN),
Reverse DNS
Software
/ TMC
Resource Hash
01d8f5a43111dca2908ec56932789448935deaaf1d7d8f6cc71449d7b70b8b16
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
last-modified
Wed, 24 Aug 2016 08:52:12 GMT
server
x-powered-by
TMC
x-frame-options
SAMEORIGIN
content-type
image/png
date
Wed, 03 Aug 2022 02:58:53 GMT
etag
"0c6f1cde4fdd11:0"
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes
content-length
5842
x-xss-protection
1; mode=block
symptoms-child-cancer.jpg
www.indiancancersociety.org/cancer-information/img/
26 KB
26 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/symptoms-child-cancer.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
aa368f5437dc419e7f3449cb246b23518c139be828585a92542a411feb95fe90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26120
ico-screening.png
www.indiancancersociety.org/cancer-information/img/
2 KB
3 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/ico-screening.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
23a5d9441d8e99f387e05f4898eea61dd92426fb61b8942242a9b9f05d56e865
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2396
ico-diagnostics.png
www.indiancancersociety.org/cancer-information/img/
3 KB
3 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/ico-diagnostics.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
77b26cbbfb6dda4321c81a784d52b231b8ab8c99391aea5a29ca7a5cce06339d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2691
ico-treatment.png
www.indiancancersociety.org/cancer-information/img/
3 KB
3 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/ico-treatment.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f919590c3edd5d2226fc61ee0fe10b623c6caabd9154fa527d8451af4dcb1219
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3195
ico-late-effects.png
www.indiancancersociety.org/cancer-information/img/
4 KB
4 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/ico-late-effects.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d55fcdfc70077b934ae0a2735ba01b0ef57f0c3955be10f9dc076a75b2709057
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3948
child-cancer-support.jpg
www.indiancancersociety.org/cancer-information/img/
48 KB
49 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/child-cancer-support.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2f68b18f05ed6261ccf24ee90132bce5c4fe89cc001720e5c88242c0fa96632
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Mon, 19 Oct 2020 13:57:42 GMT
server
Microsoft-IIS/10.0
etag
"08f20d01fa6d61:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
49372
danger-signal.jpg
www.indiancancersociety.org/cancer-information/img/
31 KB
31 KB
Image
General
Full URL
https://www.indiancancersociety.org/cancer-information/img/danger-signal.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.192.98.160 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
562dfa20bdc290f5be78f96990ce309f14698ce7b7219115b01c9b819a6207c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:52 GMT
last-modified
Wed, 08 May 2019 07:33:00 GMT
server
Microsoft-IIS/10.0
etag
"05e3f43705d51:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
31592
2_1607751785_photo_IMG20201212095021.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

2_1607751716_photo_IMG20201212093858.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1614765411_photo_IMG-20210303-WA0070.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

2_1622214973_photo_20210526_101604.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1_1622134789_photo_IMG-20210527-WA0004.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1622868037_hwc_photo_IMG20210604101306.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1623304848_hwc_photo_IMG20210609113248.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1624191696_photo_IMG-20210619-WA0000.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1624804758_photo_IMG-20210627-WA0014.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1622993812_photo_IMG-20210602-WA0005.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1622209103_hwc_photo_IMG-20210527-WA0009.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

13_1615278555_photo_20210309_115500.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

2_1615444322_photo_IMG_20210308_134828.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1615199161_photo_IMG_20200307_104531-01.jpeg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618827138_photo_IMG-20210419-WA0062.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1624369704_photo_IMG-20210622-WA0014.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619094802_photo_IMG-20210422-WA0003.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619952040_photo_IMG_20210502_130511.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

13_1622274562_photo_IMG-20210529-WA0006.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1622212063_photo_IMG-20210528-WA0053.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618317199_photo_IMG_20210413_121008.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618168605_photo_20210409_122618.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618308572_photo_IMG-20210413-WA0002.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618479568_photo_IMG-20210415-WA0026.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

13_1618569202_photo_IMG-20210416-WA0033.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

13_1618569215_photo_IMG-20210416-WA0030.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618470734_photo_IMG-20210415-WA0018.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619181965_photo_IMG-20210422-WA0016.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619599453_photo_IMG-20210428-WA0021.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1618909136_hwc_photo_IMG_20210417_124128.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1618909136_hwc_photo_IMG_20210417_140321.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

7_1618573470_photo_IMG-20210416-WA0083.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1_1618165180_photo_20210407_134935.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618639905_photo_IMG-20210417-WA0000.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1622011930_photo_20210526_085029.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619947264_photo_IMG_20210305_112742.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619938247_photo_IMG-20210424-WA0004.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1618463331_photo_IMG-20210413-WA0051.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1619599870_photo_IMG-20210424-WA0014.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

17_1620312039_photo_IMG20210504103222.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

13_1618979907_photo_IMG_20210420_095401.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1618991555_hwc_photo_IMG-20210419-WA0028.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1622447989_hwc_photo_16224479243463654833314341076524.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

12_1619440606_photo_IMG-20210423-WA0010.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1618418039_hwc_photo_IMG-20210414-WA0008.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

1618418096_photo_IMG-20210414-WA0010.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

2_1618811975_photo_IMG_20210415_131245.jpg
ab-hwc.nhp.gov.in/beta/uploads/event_images/
0
0

20170731092639-yoga-hobby-relax.jpeg
assets.entrepreneur.com/content/3x2/2000/
36 KB
36 KB
Image
General
Full URL
https://assets.entrepreneur.com/content/3x2/2000/20170731092639-yoga-hobby-relax.jpeg?auto=webp&quality=95&crop=16:9&width=675
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
deea7b4b0a564ccbaf31ff7c55a3e473c8e6e624601a694ce81bd3a07b8895e8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
3pRcWITcOS4Y4AR4VnpPnbqhfJwYs1e3
via
1.1 varnish, 1.1 varnish
etag
"i1p//oeHVKUQqJFVfBOR0UOjKy5ZvkdihXg05poDyXc"
age
672794
x-cache
HIT, HIT
fastly-io-info
ifsz=268585 idim=2000x1334 ifmt=jpeg ofsz=36548 odim=675x380 ofmt=webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
36548
x-amz-id-2
8aZUnAraUKbARXQTkAnGw12seWtlQ7u0T2mB36FoXdI0kD2mmxs9uyxxRzVqmgM2JdDrH0+zITk=
x-served-by
cache-sjc10024-SJC, cache-hhn4026-HHN
server
AmazonS3
x-timer
S1659495534.562696,VS0,VE0
date
Wed, 03 Aug 2022 02:58:53 GMT
vary
Accept
strict-transport-security
max-age=31557600
x-amz-request-id
8J1BXAQKDG5YTQC3
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 8
AVvXsEjxtZhlXrtgVx58nhFBvRPpRc_vYwrBcBEQoS2sKYvgiIxG6AFaIbml-XJ1oa2tYbAm1aVDBunv6iyDF-8uFy89RHWNPPAz4a9LewXlVu-hIUCghBqY3tZ7W1e0oo7fH4r1kyk-G8hHWLkAbyxPXAVeAlXgcZyHbxf1r2_ZU2h2OpRYOzO4rkePx9vPZA
blogger.googleusercontent.com/img/a/
292 KB
292 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjxtZhlXrtgVx58nhFBvRPpRc_vYwrBcBEQoS2sKYvgiIxG6AFaIbml-XJ1oa2tYbAm1aVDBunv6iyDF-8uFy89RHWNPPAz4a9LewXlVu-hIUCghBqY3tZ7W1e0oo7fH4r1kyk-G8hHWLkAbyxPXAVeAlXgcZyHbxf1r2_ZU2h2OpRYOzO4rkePx9vPZA
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7b5d0a3313246a18b59183fa8e24f35e2ad5f923ef25e545d564f2c1e09b5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v5af2"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Jharkhand Government Calendar 2022.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299421
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEghKH2D1bIntaMKO-GG2wtS1qYBnFDM21_EbaP6WvEncfIoNC_Eh5vDf8u5CRZj9uRmx2WAjeb3woMTA1vnJVkZlHTlBTdq2zGf6E9XLhS6SuE-eHtzo7MQxd4zUhisZ0-b_yRcHuQ1civLgaWYAlpRzEvZvrKrElznyz-kGAJqQwiPzZeJLQdWbqGPlA
blogger.googleusercontent.com/img/a/
135 KB
135 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEghKH2D1bIntaMKO-GG2wtS1qYBnFDM21_EbaP6WvEncfIoNC_Eh5vDf8u5CRZj9uRmx2WAjeb3woMTA1vnJVkZlHTlBTdq2zGf6E9XLhS6SuE-eHtzo7MQxd4zUhisZ0-b_yRcHuQ1civLgaWYAlpRzEvZvrKrElznyz-kGAJqQwiPzZeJLQdWbqGPlA
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc829cb56b9523f9730d1733291f946ed60bc8b162fd99b5b9502e06501687cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v5af0"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138484
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEjfOTm2FNey1QoS6why6AiqSg5E_cfCfGyQ9RhxtM65nIQRbPV9d3DfJWFaw8zy31QFmtHDabc8v2-251aMv5xCxJHHIWSMiCFycA0wUZMjWol1u0lIe3hjeIg9QL33Fgh17m3xKcA394KlpMej_7mtvQ-X20qVGfQpbeB0nlmxde14Je2MpBNenFo-Vg
blogger.googleusercontent.com/img/a/
1 MB
1 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjfOTm2FNey1QoS6why6AiqSg5E_cfCfGyQ9RhxtM65nIQRbPV9d3DfJWFaw8zy31QFmtHDabc8v2-251aMv5xCxJHHIWSMiCFycA0wUZMjWol1u0lIe3hjeIg9QL33Fgh17m3xKcA394KlpMej_7mtvQ-X20qVGfQpbeB0nlmxde14Je2MpBNenFo-Vg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
395e998f4579af1ac13e3db03558d7fec588aac2b1fdd45248e3fb3f9d9d9403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v5ae7"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 January to December.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1312343
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEjF_R8S6Zf3A-nh1N4jH4ZpZLltu24diw6U9UTQQPSc6a2jIoaX9tW3OGV4u2TAj_spWZ4o4LFdopqRknn5_kpbRf1FRmqaoxk4ywzvqG1-shA5u1MLujOZ9O1dLF6eD15LjXhZSY3f7DBIBP8gbKbeTK8sz3oWrPaiPqIrC7Pi4loc4Op8SL5l057d3g
blogger.googleusercontent.com/img/a/
276 KB
276 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjF_R8S6Zf3A-nh1N4jH4ZpZLltu24diw6U9UTQQPSc6a2jIoaX9tW3OGV4u2TAj_spWZ4o4LFdopqRknn5_kpbRf1FRmqaoxk4ywzvqG1-shA5u1MLujOZ9O1dLF6eD15LjXhZSY3f7DBIBP8gbKbeTK8sz3oWrPaiPqIrC7Pi4loc4Op8SL5l057d3g
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ae361eee98790e9c0ec98cc9c14864144b4e40cef4e4ee492510d876a51e9d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59db"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
282217
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEiSeXr6dZy09BfRsJHNkwpIN7U0JX81u72Z8KYC2my3x6armc1iU6gXN9KyG54ZvSpWoJSK3wZgIkFjGvdOv8MDq1Wj38zNWUD_e7fq3OLymz5f8uYVWoiEdPKKHuaEXw-ycDmuGTiH0cJu__n04_EGtk34Hw6Nhb90hO_6XYdjaybHcP2Fgt1bJ3bujQ
blogger.googleusercontent.com/img/a/
276 KB
277 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiSeXr6dZy09BfRsJHNkwpIN7U0JX81u72Z8KYC2my3x6armc1iU6gXN9KyG54ZvSpWoJSK3wZgIkFjGvdOv8MDq1Wj38zNWUD_e7fq3OLymz5f8uYVWoiEdPKKHuaEXw-ycDmuGTiH0cJu__n04_EGtk34Hw6Nhb90hO_6XYdjaybHcP2Fgt1bJ3bujQ
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3aa530ebd940676f164fd7b1b0064cd4ca982d04086e76eb58874de28d9451e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59db"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (2).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283071
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEjH_I65Rt9HvWHFs54tZUAH7mN8lePn_YHPKYtZeZfLCebzwBqw1tAhgQw2YqPHER9k5hsnx5ZSiUZfxILEhB9gzIXSa1XaAM-yjrc0xmu0cgNfIBdQ87jHcyv440YNP1Oa4222chAn1t1BYFqdf0OTl4h7nTpHy0s5q8ysNoNHjOC3mdL1d4_1kTd65g
blogger.googleusercontent.com/img/a/
103 KB
103 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjH_I65Rt9HvWHFs54tZUAH7mN8lePn_YHPKYtZeZfLCebzwBqw1tAhgQw2YqPHER9k5hsnx5ZSiUZfxILEhB9gzIXSa1XaAM-yjrc0xmu0cgNfIBdQ87jHcyv440YNP1Oa4222chAn1t1BYFqdf0OTl4h7nTpHy0s5q8ysNoNHjOC3mdL1d4_1kTd65g
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8b08d8144e3cbc8e87193d17b77fff6ae4a954c9436630371de4090531da41ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59dd"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (3).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105168
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEgpCjvy_Ecv0-vSW8m9AWUnSixKWXPEBsqI_3YYvQ8wwbofUnPMK1QTMd0O3c_yok5iQnTflJclFGZ4i2COBNcxHbvS2kftVpxcF6dT9767lQd7iatTDk_RFkFMq37m1KKe4NchKoWCttcxOlXUqwsGun2Xb3uxtRDjtfGQlDDDJ9UFGOhp0UjIrgw2IQ
blogger.googleusercontent.com/img/a/
263 KB
263 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgpCjvy_Ecv0-vSW8m9AWUnSixKWXPEBsqI_3YYvQ8wwbofUnPMK1QTMd0O3c_yok5iQnTflJclFGZ4i2COBNcxHbvS2kftVpxcF6dT9767lQd7iatTDk_RFkFMq37m1KKe4NchKoWCttcxOlXUqwsGun2Xb3uxtRDjtfGQlDDDJ9UFGOhp0UjIrgw2IQ
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
91a249fd02f4aef1b0b3549045bada6fdcd59cedd65d6c64fa44100c2641d998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59d9"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (4).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
268883
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEgwvymSUVElrO55w3i1s7i-Va1JVtAc-1esN0FlKB_EOeEYVhFyNZw5Z8fmcKSbU6pw1PhCQ9BzrofDm8k5pcuE9iAZLlxuTAeC-l3gi-N1fq5difVKzEmvc9sjjTfHWkukVemc-a-elTa1zAfvP8YpBLGp2Zez708eWvkzw4v813c9xN81t9aLflgjQA
blogger.googleusercontent.com/img/a/
84 KB
84 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgwvymSUVElrO55w3i1s7i-Va1JVtAc-1esN0FlKB_EOeEYVhFyNZw5Z8fmcKSbU6pw1PhCQ9BzrofDm8k5pcuE9iAZLlxuTAeC-l3gi-N1fq5difVKzEmvc9sjjTfHWkukVemc-a-elTa1zAfvP8YpBLGp2Zez708eWvkzw4v813c9xN81t9aLflgjQA
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1c0a8aba8676e7ac92890d46aa8a54fe8670dea8631d33c9bfd1a36c68108b36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59da"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (5).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86227
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEiMN5YBNpQe1pneujvsZQOt-AzhbHSVNGyLtGD78ExHuGW8LZBhTOmbdBIcqHqtdh0qeTIITR0QndGMOEjCvbalShxnqXKSoVq2eCZ3uxLmxivCPYwee7ZGTNo6ZixUjYnkrMLvr_YCU-epbcqzV8MqCbvcOB50hdJLbkrXSGy4u9EdCMN83cPkclg0cg
blogger.googleusercontent.com/img/a/
81 KB
81 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiMN5YBNpQe1pneujvsZQOt-AzhbHSVNGyLtGD78ExHuGW8LZBhTOmbdBIcqHqtdh0qeTIITR0QndGMOEjCvbalShxnqXKSoVq2eCZ3uxLmxivCPYwee7ZGTNo6ZixUjYnkrMLvr_YCU-epbcqzV8MqCbvcOB50hdJLbkrXSGy4u9EdCMN83cPkclg0cg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fc1f3214a4c91db0341a0639b316ccf6417f8bff14054300bf3941ec865e960e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59db"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bihar Government Calendar 2022 (6).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83112
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEjuPiIU0YIetdXQxIlcKl8sQw_j1pqrhlixX1kLrPKznB_237gosN02Xgvo3gDG01cX45JyODXgYvhpME9zkS60xOPQAd2gBtIycEyolrlU-46BdQ-9-fFB2QPvXqvY-FLQfb3WYtSI4fValiSqtGbMFf83k-_XkCgMoF9_XIiyStX7UZCQ6EOTV5CEMg
blogger.googleusercontent.com/img/a/
202 KB
202 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjuPiIU0YIetdXQxIlcKl8sQw_j1pqrhlixX1kLrPKznB_237gosN02Xgvo3gDG01cX45JyODXgYvhpME9zkS60xOPQAd2gBtIycEyolrlU-46BdQ-9-fFB2QPvXqvY-FLQfb3WYtSI4fValiSqtGbMFf83k-_XkCgMoF9_XIiyStX7UZCQ6EOTV5CEMg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e48524befb65a98356489d7b7c37417171c9acf435df7ab377d93d74c8696be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59dc"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Official Letter Bihar Government Calendar 2022 (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206387
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
AVvXsEi2X5GFBSy8vI-gQeP9NxcTqyufwe5da2q1G7LqV-9hGWUcWbgNvnPs6MpK_7Z9pzfsWD3rkHkNseRXpbjlLzkTGG89H8K9EFaUGp20aR1fqQBGWrfyBqvebV7hGQZ6UP81Xf7h7Ovb5JuhGGoLoymEi5SBgtgp3lxi6fGj2Mr-OoNp67JJuYYv3DxOsg
blogger.googleusercontent.com/img/a/
273 KB
273 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEi2X5GFBSy8vI-gQeP9NxcTqyufwe5da2q1G7LqV-9hGWUcWbgNvnPs6MpK_7Z9pzfsWD3rkHkNseRXpbjlLzkTGG89H8K9EFaUGp20aR1fqQBGWrfyBqvebV7hGQZ6UP81Xf7h7Ovb5JuhGGoLoymEi5SBgtgp3lxi6fGj2Mr-OoNp67JJuYYv3DxOsg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
67cca6efdfe24101a2ab2550e041de6d67dd143aaa847e02be6e70fd2fa471d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v59dd"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Official Letter Bihar Government Calendar 2022 (2).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279327
x-xss-protection
0
expires
Thu, 04 Aug 2022 02:58:53 GMT
pexels-photo-8460343.jpeg
images.pexels.com/photos/8460343/
32 KB
33 KB
Image
General
Full URL
https://images.pexels.com/photos/8460343/pexels-photo-8460343.jpeg?auto=compress&cs=tinysrgb&dpr=1&w=500
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d066 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a5a9cc955eaf2edc62bb791f586cf5f8f18e6cf912282b4365cd8562ba9e74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
36861
cf-polished
qual=85, origFmt=jpeg, origSize=36900
x-cache
HIT, MISS
x-imgix-id
98b87ea4d5b971b593de2704ab9ddfdeec5c3dbf
content-disposition
inline; filename="pexels-photo-8460343.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33198
x-served-by
cache-sjc10037-SJC, cache-fra19155-FRA
last-modified
Mon, 04 Jul 2022 18:51:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 03 Aug 2023 02:58:53 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
734bcb4cdce468f8-FRA
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
vitm.jpg
www.vismuseum.gov.in/wp-content/uploads/2020/08/
893 KB
893 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2020/08/vitm.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
739f22ecf7f029bc4bf353f999079989bb750f3199b5a6fa3240a40353c8a45d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:56 GMT
Last-Modified
Mon, 17 Aug 2020 07:35:28 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
914203
android.png
www.vismuseum.gov.in/wp-content/uploads/2020/07/
2 KB
2 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2020/07/android.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
b8ccc11c6aeb2bcdf8ea5ffaa9ed73f630e5bc8c632a34f735d127ab88ee816b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:56 GMT
Last-Modified
Sun, 26 Jul 2020 11:40:20 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2180
ios.png
www.vismuseum.gov.in/wp-content/uploads/2020/07/
1 KB
1 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2020/07/ios.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
6d2de6db96ee618a5721768fde6b793c34bde192a5800fe0987de3a8630956cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:56 GMT
Last-Modified
Sun, 26 Jul 2020 11:40:22 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1231
DSC_0954.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
468 KB
468 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0954.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
0c6be3f6b1fa97a56d044885dbc44944bf5332530c0f9bd9ded3542a24964f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:56 GMT
Last-Modified
Sat, 25 Jul 2020 15:21:14 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
479376
DSC_0316.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
567 KB
567 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0316.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
ae5b89c3c1ac96f7ac5be676385486ea9bcfeedd42dc16c83732fe834c1fe8b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:57 GMT
Last-Modified
Sat, 25 Jul 2020 15:21:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
580365
DSC_0046.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
572 KB
572 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0046.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
8d9fdf5e97634f6e3ba7772ede23912ea642cf05de90401aaaca99035da62eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:57 GMT
Last-Modified
Sat, 25 Jul 2020 15:24:26 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
585244
DSC_0035.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
560 KB
560 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0035.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
e5283d9724936de68a15a6b821607d7daf4681aafc505d64ca1803fdffff3606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:57 GMT
Last-Modified
Sat, 25 Jul 2020 15:22:06 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
573135
DSC_0012.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
568 KB
569 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0012.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
1fd19004521d39a3b6a19f4cf1d673d1b1113f0e322f3231818441cd4fe10fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:57 GMT
Last-Modified
Sat, 25 Jul 2020 15:23:04 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
582073
DSC_0008-2.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
520 KB
520 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0008-2.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
ef72587d305b2883f75e0e3ba001f4a7018bb1fbff06c50f332f6ee2de366531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:58 GMT
Last-Modified
Sat, 25 Jul 2020 15:19:26 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
532721
BEL-1-DSC_0273.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
5 MB
5 MB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/BEL-1-DSC_0273.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
b210b750323bbecc279a8b5c6053d14de46cfb364df1613e3f3eaab099f49590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:58 GMT
Last-Modified
Sat, 25 Jul 2020 15:21:20 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
5251082
BEL-2-DSC_0274.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
5 MB
5 MB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/BEL-2-DSC_0274.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
7f8e73d36b6e11a1072eef84e42101cd5b120b1076c51ecf7bf859c683574cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:58 GMT
Last-Modified
Sat, 25 Jul 2020 15:28:56 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5179243
DSC_0395.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
446 KB
447 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0395.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
2dec63cac924d792fa0133691ec61890d4a434870bf0e9c65b3fb2de3421875c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:58:59 GMT
Last-Modified
Sat, 25 Jul 2020 15:35:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
457170
DSC_0429.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
412 KB
412 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0429.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
bcc9b625a4d0f9ecfd75b7e951ba080fbfd3ef6ef38517f08f9acecb79244f9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:00 GMT
Last-Modified
Sat, 25 Jul 2020 15:23:12 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
421508
DSC_0263.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
430 KB
430 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0263.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
e7d305914e8f7363f66818891dc0d7071b30a7049e50f15b2e9c4012eb8c83a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:01 GMT
Last-Modified
Sat, 25 Jul 2020 15:33:30 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
440240
DSC_0273-1.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
435 KB
435 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0273-1.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
beea6bb99696682b642689702ef4ecba136b6d506773c4c519b8e9aa7763ca52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:01 GMT
Last-Modified
Sat, 25 Jul 2020 15:24:48 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
445658
DSC_0886.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
453 KB
453 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0886.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
4cf7b5efd123125c17bef367c0c32b44b2ddcc0decf7b20bd18c63ef71a5c488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:02 GMT
Last-Modified
Sat, 25 Jul 2020 15:31:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
463391
DSC_0890.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
496 KB
497 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0890.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
40bd3f4decea4802bfc00e1ac8436c8ad8b4db2ad8e4a26acfc6bc668bc7c086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:02 GMT
Last-Modified
Sat, 25 Jul 2020 15:29:36 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
508277
DSC_0900.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
443 KB
443 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0900.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
0707e489a448da35e5100d37f6e31c40e839bb04496e97f2d43ec7469cbe1670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:02 GMT
Last-Modified
Sat, 25 Jul 2020 15:22:12 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
453460
DSC_0876.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
427 KB
428 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0876.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
f58c4daa06d91e29f30e3588876643f6f0e47c099e35657e3d156e8c5acbe5fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:03 GMT
Last-Modified
Sat, 25 Jul 2020 15:33:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
437662
DSC_0267.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
458 KB
458 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0267.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
b78b8a562f2e4d64db1a9ed9d9d451af2b36fde7a995baa484f0095196c04240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:03 GMT
Last-Modified
Sat, 25 Jul 2020 15:33:36 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
469115
DSC_0865.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
508 KB
508 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0865.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
a90095b5f7951614878fab8dbc6806a0aa8cd73dd77fb18ab97ef2bd7600c3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:04 GMT
Last-Modified
Sat, 25 Jul 2020 15:33:26 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
520073
DSC_0896.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
453 KB
453 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0896.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
67c825531bbdf427c5171f4dbe6f0a8a25b9fb386030c3b10b80f3d9e3912c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:05 GMT
Last-Modified
Sat, 25 Jul 2020 15:30:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
464096
DSC_0918.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
492 KB
492 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0918.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
9163d3934bd1670c64caf761f38c6ca8c6af73f771dbbb25bc9e71f1576c4c09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:05 GMT
Last-Modified
Sat, 25 Jul 2020 15:19:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
504064
DSC_0914.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
449 KB
450 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0914.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
4feaa18be02363ab442dd468621c8bbc6314495882ff605c1c6bb88f1b847976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:06 GMT
Last-Modified
Sat, 25 Jul 2020 15:19:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
460214
DSC_0911.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
482 KB
482 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0911.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
debbc0ff32ad8542b4e538aea2ccf1245a7acbe4a25b8447b88c1b9af71786e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:06 GMT
Last-Modified
Sat, 25 Jul 2020 15:35:06 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
493182
DSC_0275.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
434 KB
434 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0275.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
1c9aa1d6a53a6dcef06d5a9d1ea72a88bdcfb99c591cb3f7d7beeb177420faf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:06 GMT
Last-Modified
Sat, 25 Jul 2020 15:31:10 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
444513
DSC_0922.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
521 KB
522 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0922.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
1118e3ae86e0d6ba810c75fd58d262a821498188aa2dab358bc333683bb0baea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:07 GMT
Last-Modified
Sat, 25 Jul 2020 15:30:14 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
533801
DSC_0929.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
506 KB
506 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0929.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
a345bc4415a2265a9e95189defae3b35e8c840ff4da5c31cf3790115b6e538d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:07 GMT
Last-Modified
Sat, 25 Jul 2020 15:18:56 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
518269
jj_thomson.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
164 KB
164 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/jj_thomson.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
cb0d66ff7b3d7b5802bd0ffff425bb58a941654b99938172f00e482c7206837d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:07 GMT
Last-Modified
Sat, 25 Jul 2020 15:25:26 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
167426
DSC_0905.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
456 KB
456 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0905.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
126b58bdd36382692ed6bc2b0c99fe6b1a66db0ab7a1a6090c360b035ec897a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:08 GMT
Last-Modified
Sat, 25 Jul 2020 15:31:36 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
467161
nanotechnology.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
220 KB
221 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/nanotechnology.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
ed641d1558c60255d5d4f514b16153d34c3d0c5b188c41874e33155f8c05cffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:08 GMT
Last-Modified
Sat, 25 Jul 2020 15:29:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
225627
DSC_0925.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
401 KB
401 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0925.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
8966c829a9050f5b6bf685c7662fa543a21add7790d165b4afeb1e5cde9e6a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:08 GMT
Last-Modified
Sat, 25 Jul 2020 15:28:30 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
410403
DSC_0926.jpg
www.vismuseum.gov.in/wp-content/uploads/2019/10/
431 KB
432 KB
Image
General
Full URL
https://www.vismuseum.gov.in/wp-content/uploads/2019/10/DSC_0926.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
101.53.156.127 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-56-127.ssdcloudindia.net
Software
Apache /
Resource Hash
0cac22357446dd4c21660f29ec02ca8d1a1a0ea8124bd6691789586cb0d155fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 02:59:08 GMT
Last-Modified
Sat, 25 Jul 2020 15:18:58 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
441766
anchor
www.google.com/recaptcha/api2/ Frame 7223
41 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7bc12d9a9642fa0d240854109d6b881b70166ef5b02aa02e053e41c31b816ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KD-w6n-0ciSJK7dBFspdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.blogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21933
content-security-policy
script-src 'report-sample' 'nonce-KD-w6n-0ciSJK7dBFspdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 02:58:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
who-uses-scratch.jpg
scratch.mit.edu/images/about/
84 KB
85 KB
Image
General
Full URL
https://scratch.mit.edu/images/about/who-uses-scratch.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
59229e4f8c7fdc356403d70f115d681ca020745634602fe730a57eec9d29b3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:59:08 GMT
via
1.1 varnish
age
7
x-cache
HIT
content-length
86492
x-xss-protection
1; mode=block
x-served-by
cache-hhn4028-HHN
last-modified
Fri, 14 Oct 2016 20:07:59 GMT
x-timer
S1659495548.258641,VS0,VE1
x-frame-options
SAMEORIGIN
etag
"5cfcae579dccff520c2d11297f93e8d5"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
no-cache,public,max-age=3600
x-vcl-version
725
accept-ranges
bytes
x-cache-hits
1
around-the-world.png
scratch.mit.edu/images/about/
84 KB
84 KB
Image
General
Full URL
https://scratch.mit.edu/images/about/around-the-world.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5ddf5ffe909c19823560c01e0d33b52cc4a2af94c97d3a2ae256c2709582ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:59:08 GMT
via
1.1 varnish
age
7
x-cache
HIT
content-length
85686
x-xss-protection
1; mode=block
x-served-by
cache-hhn4028-HHN
last-modified
Thu, 11 Mar 2021 15:52:37 GMT
x-timer
S1659495548.258900,VS0,VE1
x-frame-options
SAMEORIGIN
etag
"43a621ca27171ec340d2bcad2665465d"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache,public,max-age=3600
x-vcl-version
725
accept-ranges
bytes
x-cache-hits
1
scratch-in-schools.jpg
scratch.mit.edu/images/about/
94 KB
94 KB
Image
General
Full URL
https://scratch.mit.edu/images/about/scratch-in-schools.jpg
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
92f914e5f860201d70196b8e96cb562904632318acbe57b4322ca01f11295de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:59:08 GMT
via
1.1 varnish
age
7
x-cache
HIT
content-length
96585
x-xss-protection
1; mode=block
x-served-by
cache-hhn4028-HHN
last-modified
Fri, 14 Oct 2016 20:07:59 GMT
x-timer
S1659495548.258883,VS0,VE1
x-frame-options
SAMEORIGIN
etag
"398f51d0697e368b705a37440c18d8e8"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
no-cache,public,max-age=3600
x-vcl-version
725
accept-ranges
bytes
x-cache-hits
1
quotes.gif
scratch.mit.edu/images/about/
31 KB
31 KB
Image
General
Full URL
https://scratch.mit.edu/images/about/quotes.gif
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ef58fa59dc10f5d2dd07fafa4cef910222e45a2b314be0dbea53ba63978d1ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:59:08 GMT
via
1.1 varnish
age
7
x-cache
HIT
content-length
31724
x-xss-protection
1; mode=block
x-served-by
cache-hhn4028-HHN
last-modified
Fri, 14 Oct 2016 20:07:58 GMT
x-timer
S1659495548.258883,VS0,VE1
x-frame-options
SAMEORIGIN
etag
"81f389de76179012793ba251eeb08f98"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-cache,public,max-age=3600
x-vcl-version
725
accept-ranges
bytes
x-cache-hits
1
research-remix.png
scratch.mit.edu/images/about/
45 KB
45 KB
Image
General
Full URL
https://scratch.mit.edu/images/about/research-remix.png
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a449d4dd5e2320e88cb27fefb1cff6aded1bc72d1f578e1e34b8fb541876d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:59:08 GMT
via
1.1 varnish
age
7
x-cache
HIT
content-length
45644
x-xss-protection
1; mode=block
x-served-by
cache-hhn4028-HHN
last-modified
Fri, 14 Oct 2016 20:07:59 GMT
x-timer
S1659495548.258870,VS0,VE1
x-frame-options
SAMEORIGIN
etag
"388fdca76436e2516d81545c0e7f9e96"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache,public,max-age=3600
x-vcl-version
725
accept-ranges
bytes
x-cache-hits
1
ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://speakdoor.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 0822
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHOQrhLVW7F6zy1YZZmWPWpXnrDYybSMRYwSJ-9LWSJ69SJZq7mWDB2LGp8KwW6BcY_UJUmCTv_IJCNo9qF5Pcafg&sig=Cg0ArKJSzGplvNFrd6rTEAE&id=lidar2&mcvt=1000&p=0,0,280,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3515622465&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659495531719&rpt=435&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 7223
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 15:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 15:58:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 7223
381 KB
151 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 21:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154709
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 21:03:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D5E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRkIXjLrH34HBSkZHxpvglZn62FKC-Ayur4fOGYAVRk7XaO62mhxlDI4uaiDk9tEQq3rGPnNxWQW9PZGGHlohtPTc&sig=Cg0ArKJSzG4hJ9u57zCiEAE&id=lidar2&mcvt=1000&p=0,0,280,588&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3235462141&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659495531759&rpt=474&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D501
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5hoIHs3ozLnnveK-dhSQilw2-odcZz9xMDwjtHG4pOx8tJQTfL7U3-JvOyV6WvytPLkFPgqcsKll8ItxoDJOOHYA&sig=Cg0ArKJSzFRdNDfafeW2EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1087211778&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659495532017&rpt=235&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 210E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=t2E_ojfX20-jaVR3WBvtzUrJsyCsZh-BDLZegZ9ryKwIHqhM65uiW-0M3kkOETe1An2Hgn_xmrONrkQXmRycFnUhurEzM7b9XIppfSVJx1sjTi9bE2SB0VuwauBHOf30X9mBSFnBmry3Vb79vvSP_vZ8BLsWiyLnJmWBmbqaK9zPpZcqonnAdMXgU9my86Lp0t9PBMVaV91kRNixUCOl40FUu7EOK06TvWsdvDTdVIpdC8SmPwodBkswgkCKzeboB2D-BA&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame EE39
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=A0SIVTfX20-jaVR3Mq9djOPzoCXiW1F9-zG1-RJSH0gYgjYOqwQQSh8TPggGrwgiYsfv-maEnGGF20bm1qf0KSvPULM53cwj0tfMtIsg5mODBwjGJBqN3i0TMvKOcatKyl2MFuKuAuwYEEiAsVcKVRjX8zxbcOcnWzUx4jrn82bAe8QiG1DRhE8zlI1xLGL0fFPirWEeAzCXw1BH7QwlPCUDWlYJbmUSdX8zgyhRD0yqV0GJ_wwUPKroVFDhV3BqaUm2Mg&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAM3AcIu-G3AAQwIR3unTy4LpRgBjET1g&u=%7CPcGAtcajvHP9sF5nffzrog4nkOEK169emKuPBEkhJ3g%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdQI20RAwqy4lxuDNMTGFUkOWP8zlyBsbJY-zLVbz_2taJdYygYpDCfFFeLi3aW0ZqLTfR5Rwn47WNzAaYN7T32DpeHdlF9WvkUf6hbA5AZuC0NRd-0dE8wXGW5kAVTpq4K4nApfba2kUBwK-XZmgP2dnjWoSH8f1JSzFJaDJGrcY9KDvCyKlX1ouUkoJXk-i6VPLERU8uapkjFl_E4zy8NYIcaUx0rS7BUAYRwK7bUvpV6WPWpPbYGIoIxg1Lv1efFOUUwdb_dloCPdFTLBfUqi-93OGlmh4IsWiHjGwgKusgmISoaxyrDKQZ9q6LvVisHZmfeg-iCEWOHAffiGE41H71RHzhXlYOAcVkN4w1G9n1N3whfIn0ZQOtadfb7hP0tjtm_q5NRCB7GbEJgdoXCR03Da7-OXBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfvZEa-TpYoe4M7fD7_UPoeCQ4AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0CpH2LmOJ5Rgz4SotV3QeWwW5aVlxwhc26not56ZYiIr_91ikjubn-x-vuM_PVgTFDWdls01pwcK1gBQ-cCrlEwqA9DX-AzTXYt6__Xczd5EXsNigttSUSVhrYkTpGZX-qn0IaswZb7qFHcMC4tefZJHTd3GAPFCD4FyjT9Cs4ucwKkXfjKaqHTb3HRQsj4Fa1fxE3u8XBc9nUnJy_JIuZlX-UIvB6G5_kiDgdDQLjSlDU-KPjsl5HKSVdPN9pvu0zhSQnc_aZB8n2HftZKXB5qHbpVboP7AvQCTn12FUymKAnn-w22E9gYA54AGh_mR8dqPjtUUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08Wv_zMKpbPws_Xnqrn6KQQxw-yw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:53 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7223
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:40:09 GMT
x-content-type-options
nosniff
age
458324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 04 Aug 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7223
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
35532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7223
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
103054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7223
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=bkr3va8c1m5p
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 03 Aug 2022 02:58:53 GMT
all
csm.eu.criteo.net/ Frame DE5B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KCbJnzfX20-jaVR36u5jMhGeJXhyk7xaeFi4_e9i93fWQf7SwZg3TpQbjsIqED9TXZE_TxxVvmPyL-1r4gT9fsQeyfV9pAE3ASbw2joly_8MeR8YfQWjbxwm49G7ra6Eg-BIDLdRvsFCh7Q7n7aISMFm0nBHWhONF3pyuxsr3dO4aEu90Dh2pu4kukGglLEasG7PFNq1JyW8Y2TdXrVcwaWTaAvLG0M5FMRlbg-VDidjAbMWpHWeTXiKIb6bMpUETAYq7A&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAL7rsH_YuJAAje5IgFp06GvEgKDiclow&u=%7CPcGAtcajvHO0ANmpo881aJ3jiaqrA5SOsPafE6vvrWo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29o0JqLNUc-JiAckm9GsDG4wavTlTTCXlwAUgpELson0EH0bvtLj2Xw7LuOdyFv1jKvYfBgEv-H7pX7LVs1RouGindVCSYP0ev6FPYCPF_qQzhlutXktRyaeSeznNz1jj66izBj3AKdjgg09sSe68lhXlILWM8wZk62f6qMWiBfpXP6W1qL2KZtl3kw1cpXHk9apjIYEby6GYThApiOJIQk5yZYI9Wllry0--jhAZQdugHDeotZ0QQ5Ceca6xaKwBnQ5epX8dNrZThUiJ3ncGM83uz0Po6YLhcQVFjV0bXDXsfMMyfmOAVGQ0riYSjhouw4wJpwNMvmRnzj7YQXHe_9mJ6CA3N9PT-i0TlKNx-sW6r1BnE1w3-iuxL1Ly2_EEjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgYP3a-TpYrvdL4mX9u8P5L2j6AvJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAcgDAqoE7AFP0NUFJfelGsRwfl1_3u-FNITxSHGNV0-edjYnoqFebCw3Wx8hIVl401hU8TGc2-PV9YvaVc29CplWcEBzKqk2K5cK7EMMc1InoFx66T5dXP1xwMl-57KJJEBENy2JQ7Hjts51ObKA7Lnsv9NVtSgDS3aFE1DmLD_f2FxLqMpJiSKTF2g5vh4fhxugdOS8ndf8DL3dTRYtbIETcIr-f9BcbWgftyOXOBD11Of-OR_T5zWwUbHUFHMdwJERB1UhrnFrsoM2UsOwZiWEsLPcgdykFfOdQdzKEyI8qHypZ9O58-NiSPVEpU30iGHEyoAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j4KqIk7RLVJsLTnxwK5xyCt79hw%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:52 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 01F4
0
26 B
Other
General
Full URL
https://www.blogger.com/_/BloggerCommentUi/cspreport
Requested by
Host: speakdoor.blogspot.com
URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-V1JLjfACWc1mRw38pkyD1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'nonce-V1JLjfACWc1mRw38pkyD1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-V1JLjfACWc1mRw38pkyD1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'nonce-V1JLjfACWc1mRw38pkyD1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E2DE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrlG_J6dZGakcdaYeR3rYhEzntAnAaA8bdpGB0O2DpjYT4Khu4DNrYODr3nFiP65OBtiRPIy04ipLdqKkr3aaTmmg&sig=Cg0ArKJSzB_ERJLELg_rEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=243,912,1000,1000,1000&tos=243,669,88,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659495532113&rpt=486&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 02:58:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 1F12
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6c3bZjfX20-jaVR3W7r4FrZ_UuPaf7bOuzlUYooZfYccB5twMBQy5fFR8sTXsD31kF2UE1_sPZrRt1SKMOdd5Ds9yuQ8GUWv0D5iH4Owb2joijZ4uzonEQO9yZ84u5Pbr5cSV3dqZM5QRpjuuIwWbdo4QQUBiiTgnJJBvHPcXlFZurCQ6rt9DhDfujuCKoTiNkHtmiMFz3_CD8ec4WsD1Aw9960J1K_unKQAHlw84IXK0Bkbzibes3YgbVQmZbSBoQeNcQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:53 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 210E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=t2E_ojfX20-jaVR3WBvtzUrJsyCsZh-BDLZegZ9ryKwIHqhM65uiW-0M3kkOETe1An2Hgn_xmrONrkQXmRycFnUhurEzM7b9XIppfSVJx1sjTi9bE2SB0VuwauBHOf30X9mBSFnBmry3Vb79vvSP_vZ8BLsWiyLnJmWBmbqaK9zPpZcqonnAdMXgU9my86Lp0t9PBMVaV91kRNixUCOl40FUu7EOK06TvWsdvDTdVIpdC8SmPwodBkswgkCKzeboB2D-BA&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawALVmcIu-WTAAJ55SNfpvOurZVgviooRg&u=%7CPcGAtcajvHPHlPb2UcmyndfF4v3nimGRG7Aqw%2BnV8l8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmSBxF9gVT5n1MXNKzDdgZj0YA9-KFVsubJ8ETM2ZS1JSHu-xkc1vdtSyaueNzr69KpbsnxWtt3aP2RtSz_85tcohTt9MA4pDFO068EMt8BKXEA4aAzOLSC70s8qpltRCopz7JZIny7Y5wCge_9Gk8i7SdMWQ8FPz2haBqC6WAVnXyxuMAVOm6ue6p74CuAo2ijY5cCt8JN80XIBkqrKWMTMRbK68ejmSwP-mJwDljnCjSgNhLepZAoP-xkbqtYlwI5XYFSt91Ou4hdPrN5TxY_IKGI6yG1nonOEMgJsCp7dt40OSlVC1WgZG2587eNW1sFwlJfVa7CJSTfOD2H2cM3a-gLuVXchA3r7qabEkX5f_tch-kQsZV19fTrdzTHNyd7IyKNdcym-RpWvdpLxZcAtAj28kjwlS5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCytnPa-TpYuesLZPL7_UP5fOJyA3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ7M9XT6Q2xPqgDAaoE7AFP0F0fQPcR5RJb0NKNRzAvjYwAe7wKpZUQcnQftbUK99-eJhhnpn6ltNAqfk2-BakdV_OclIh9DSixtSW8G_cBEP2VwstCmEkC22xGX7nfwN_A_HZFXW5XihwHRXeiGszqw8rsxGA86TdwpT4hq9OSc011k96trKUwJcvFHS03lQOouE6cT6HyHOoE3sUZwcQqYOHGvmgO36AEPN_HiAJzBN2Mv9PArauUf9-P6QaX2iST1tDZ8RnzDScRe8gce0XerF23fTI7mVCZpqBUxg26A9YMZ7c0qFYM7C50d8akEjH_qRJVeafGG-tEe4AGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1pj0x13NEUlCCZNvBgB5e5bYP1lQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame D3B4
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hiC9WTfX20-jaVR3w7jlfE5HLzEjdsnWsFH13MPIuZk8RjcA6xJnvRd_UavAi7jnRH-OC95XQsq8vuFwJr5AmglYA_BVdVqWXnzHfMp-HNwRN8inTHwM22Ug_jyXrEhLtIQQzp2GMvJ8fm6gGotoxiqHTVcYYe3Nly_Kuh1NE9Q_DPdencmaIhbKx7S1XhJlt-kKF-yjzHfbL_n06BlUCK6bka96IiSswvciAWsLtwZ49bmzVShLkhMFXXWs8EytaInC8w&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAMTHYH_ZJvAAGC92w4eK7GZS48co8Liw&u=%7CPcGAtcajvHPNj%2B6rggXbeU8jZxiIx20958XyO8mplQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-Em2JF7kAG8z86GXLEmVN-29ssmfspfyGhVzisVULS66n2dGaP1V9j8atLVX_QLF-rwnGWDQlNEZNXHyFf49GyU1si658_1gtc_NbQP26ZQTdC0ww9KGo383AlvAc5Kdxz7tF5AOIXU3RdAb2oL0b869FNQqnn0pouotKHww_OLLFabz534Ja-_kbyGm9boabrtQdl-3IChVuwUt4xjEuUvZrAuMLBerLpy8NEJD2hb2RYiHTu4-x-SG_mq5zRIEghVQaPxCPQijxoYaV764LSyft3-iV8EO7y6cTWmE4WEbtidaG-Ywvef_o6-ysjZpJHuCPCLl6uRQ3eG76qX5b05Iq1LkX5gx6TvhUARexGehQ8z9VqVOqrpXyzcaYNW60JCzik9egwVfCU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfXJDa-TpYvaYMe-k9u8P94WG-A_JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTKgAdW20uoDyAEJqQJ1U99zWw6xPqgDAaoE8QFP0KultPC5yhQyMqU3-dMSMKtQK0XUA5HT3E8v4wZcrjf7xl0pJcy6MsEw3FilyMS3y8kA3reECVY2sdr1GHCX4bOF3lV7s3SYTDyKoB3YV8vOgDuZCW0JttfBaaGpM40FaOdA65VorSRnpWvHv0F2kozJVJsG5WfRk-DVyYEXHNQrNn5uTIi5Mxj0HBq1guwwWkC4mJQX11BQbHCg5AmnMB1mz3ySJJ6iXDfaVAmrc9oXLjjEiGUegb_lubephG3KjJqLk2Ed_h8VcCjB17bxJ9c4WAttBmp8Xih_ysG3SYFMb0Ojjv9Cfb-VLmhZ2U75gAaeoLeMwZmgsm6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3DaoepKe97xl6MMSpE1oAnEgfSPA%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 1F12
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6c3bZjfX20-jaVR3W7r4FrZ_UuPaf7bOuzlUYooZfYccB5twMBQy5fFR8sTXsD31kF2UE1_sPZrRt1SKMOdd5Ds9yuQ8GUWv0D5iH4Owb2joijZ4uzonEQO9yZ84u5Pbr5cSV3dqZM5QRpjuuIwWbdo4QQUBiiTgnJJBvHPcXlFZurCQ6rt9DhDfujuCKoTiNkHtmiMFz3_CD8ec4WsD1Aw9960J1K_unKQAHlw84IXK0Bkbzibes3YgbVQmZbSBoQeNcQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YunkawAK85QH_YFIAAWQn8gq7HM3HqJvduWHmQ&u=%7CPcGAtcajvHPFLl9ZX%2BtSdoT1aVRby0QxXaCnjV%2BJAOY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w5vNEltV-EmeEBKDJIlZExN5DTY5nQePSLhPFm1S_J63JJCCtFmg6yo0P9kgGOr3Gk9jK_dEK6UjOqyoRh7PrM9WL2tCezjYT6DeNI1Xitg8hAK4xl_QH4YVd-oLQGME2Se8q3aRAHD5qQFwvGb0yJ3V--47RAbnIAzBXqKo-NjDrcXCsS-pfkYVxdXfhju6FQgrVMPuNEd5TGdut2rb8XNhK9pawL9OYboHJUVdZGVDTiebYtkrchzqaTb-BUsuzq3KMzfZa_xl4pH1YYjlnuWWMjeenDCHEwMSn7vizQg5nHC3jvG2M4avVKDD4hbRw1RsbXZhOxKMM7wZS8REWtB7A0sSLd_m7a1RkBldL7fx59v1bUlZOHUQgdn-lqRALFTIamNN6KL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCitWNa-TpYpTnK8iC9u8Pn6GW-A3JntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyODQ1MTAyNjkxNTg4OTLIAQmpAnsz1dPpDbE-qAMBqgTtAU_Qr_lCYk7IwTAsMWJBQvtEGaApgHzLLL8HmbidYDIwr1KG1CWZjcBV44yxckdodafOWOMd_HRKmISfVj_ZvBrx27bjU14BxWvGq31qAfPPi901VDFqs8bTiJtDZ97bWj_WvdXxRAQCto6N-jce3sSnd1c5bA2pyBhTk_CMK1yn95RBqPAgD701NXEHNd4ZRsPdqr0N2yEd-covAMx76MdtXMMQtoLnSRwwjCDuEqDBm8QgCd_cuy_jvfl3BUyZm-FDm6thmNhBGYbFje5tfTby-LT2V-znuLJdAPeJeU2cb_WeyQH7JTCbZULFYYAGnqC3jMGZoLJuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_09OgULVkQrnQvEtkCGoqNs89iIQQ%26client%3Dca-pub-2284510269158892%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Aug 2022 02:58:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.blogger.com
URL
https://www.blogger.com/comment/frame/8022190083811535766?po=5427073714583874335&hl=en-GB&skin=contempo&blogspotRpcToken=3120113
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/2_1607751785_photo_IMG20201212095021.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/2_1607751716_photo_IMG20201212093858.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1614765411_photo_IMG-20210303-WA0070.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/2_1622214973_photo_20210526_101604.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1_1622134789_photo_IMG-20210527-WA0004.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1622868037_hwc_photo_IMG20210604101306.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1623304848_hwc_photo_IMG20210609113248.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1624191696_photo_IMG-20210619-WA0000.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1624804758_photo_IMG-20210627-WA0014.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1622993812_photo_IMG-20210602-WA0005.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1622209103_hwc_photo_IMG-20210527-WA0009.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/13_1615278555_photo_20210309_115500.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/2_1615444322_photo_IMG_20210308_134828.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1615199161_photo_IMG_20200307_104531-01.jpeg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618827138_photo_IMG-20210419-WA0062.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1624369704_photo_IMG-20210622-WA0014.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619094802_photo_IMG-20210422-WA0003.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619952040_photo_IMG_20210502_130511.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/13_1622274562_photo_IMG-20210529-WA0006.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1622212063_photo_IMG-20210528-WA0053.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618317199_photo_IMG_20210413_121008.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618168605_photo_20210409_122618.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618308572_photo_IMG-20210413-WA0002.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618479568_photo_IMG-20210415-WA0026.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/13_1618569202_photo_IMG-20210416-WA0033.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/13_1618569215_photo_IMG-20210416-WA0030.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618470734_photo_IMG-20210415-WA0018.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619181965_photo_IMG-20210422-WA0016.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619599453_photo_IMG-20210428-WA0021.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1618909136_hwc_photo_IMG_20210417_124128.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1618909136_hwc_photo_IMG_20210417_140321.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/7_1618573470_photo_IMG-20210416-WA0083.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1_1618165180_photo_20210407_134935.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618639905_photo_IMG-20210417-WA0000.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1622011930_photo_20210526_085029.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619947264_photo_IMG_20210305_112742.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619938247_photo_IMG-20210424-WA0004.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1618463331_photo_IMG-20210413-WA0051.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1619599870_photo_IMG-20210424-WA0014.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/17_1620312039_photo_IMG20210504103222.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/13_1618979907_photo_IMG_20210420_095401.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1618991555_hwc_photo_IMG-20210419-WA0028.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1622447989_hwc_photo_16224479243463654833314341076524.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/12_1619440606_photo_IMG-20210423-WA0010.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1618418039_hwc_photo_IMG-20210414-WA0008.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/1618418096_photo_IMG-20210414-WA0010.jpg
Domain
ab-hwc.nhp.gov.in
URL
https://ab-hwc.nhp.gov.in/beta/uploads/event_images/2_1618811975_photo_IMG_20210415_131245.jpg

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar string| commentsSystem string| disqusShortname object| adsbygoogle string| disqus_blogger_current_url string| disqus_blogger_homepage_url string| disqus_blogger_canonical_homepage_url object| webpackChunkpublisher_sdk function| Shareaholic object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| BLOG_CMT_createIframe object| messages function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| _Hasync string| pubID undefined| a undefined| href object| vglnk function| chfh function| chfh2 string| _HST_cntval object| Histats object| _0xfd4a string| cId function| Processfn function| addEvent function| cuelinksUrl function| parse_url boolean| cueLinks string| installationSource boolean| __@@##MUH boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16594955315616 undefined| vglnk_16594955315617 function| $ function| jQuery object| _0x5029 function| _0x198fe4 function| _0x5efc function| _0x4fc7f1 function| _0x1a00a3 function| _0x1e490a function| _0x469f function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| addthis_share object| addthis_config object| jQuery112403947256310584799 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| FB undefined| vglnk_16594955317309 object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| __buffer boolean| publisherConfigLoaded string| GoogleAnalyticsObject function| __shrTracker object| _HistatsCounterGraphics_0_setValues object| google_llp object| gaplugins object| gaData object| googletag

17 Cookies

Domain/Path Name / Value
speakdoor.blogspot.com/ Name: HstCfa4131786
Value: 1659495531549
speakdoor.blogspot.com/ Name: HstCla4131786
Value: 1659495531549
speakdoor.blogspot.com/ Name: HstCmu4131786
Value: 1659495531549
speakdoor.blogspot.com/ Name: HstPn4131786
Value: 1
speakdoor.blogspot.com/ Name: HstPt4131786
Value: 1
speakdoor.blogspot.com/ Name: HstCnv4131786
Value: 1
speakdoor.blogspot.com/ Name: HstCns4131786
Value: 1
speakdoor.blogspot.com/ Name: __atuvc
Value: 1%7C31
speakdoor.blogspot.com/ Name: __atuvs
Value: 62e9e46be35a5cc9000
.addthis.com/ Name: uvc
Value: 1%7C31
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==
.doubleclick.net/ Name: IDE
Value: AHWqTUmrqX3Q4h137f1fhdHqJL6tYiDYiUlXwRSeLBC7HIleuwW4wksHCbWQ9IqTtGU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.speakdoor.blogspot.com/ Name: _ga
Value: GA1.3.1415982526.1659495532
.speakdoor.blogspot.com/ Name: _gid
Value: GA1.3.72982036.1659495532
.www.indiancancersociety.org/ Name: ARRAffinitySameSite
Value: 3bf8829b4314cc88291bac4130bb39f2498ea1af76e709ccc5192f2a63139759
.pexels.com/ Name: __cf_bm
Value: 2tU5zJ.rC5hYu2.MotkTXBs9RePTUGs6zX5guUWWFJ8-1659495533-0-AT9lB8BumEchBHzKI9Pc5pDgz8levEpeks93Dv5TBVDPOW3PtiHW0IJ48MQHztvaSZkayohB/qw+7OT+KCBBKkI=

10 Console Messages

Source Level URL
Text
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error URL: https://speakdoor.blogspot.com/2021/05/mypaint.html
Message:
Refused to execute script from 'https://api.viglink.com/api/sync.js?key=d41145dd420ce89217c1f5f5763b23f0' because its MIME type ('image/gif') is not executable.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2284510269158892&output=html&h=280&slotname=6199451114&adk=3515622465&adf=3804959376&pi=t.ma~as.6199451114&w=970&fwrn=4&fwrnh=100&lmt=1659493775&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fspeakdoor.blogspot.com%2F2021%2F05%2Fmypaint.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659495531396&bpp=2&bdt=273&idt=318&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2793839140486&frm=20&pv=1&ga_vid=1415982526.1659495532&ga_sid=1659495532&ga_hid=1944273415&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531607%2C44769661&oid=2&pvsid=4218468948237186&tmod=440477505&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9SnV2ElN33&p=https%3A//speakdoor.blogspot.com&dtd=323
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Ua0fzHgowk5Oq2C5qTD8e9gj3rSzdr7_wBXjB9Iw69bSIRiSZefoafnZdAkC7T4jxcQu7q9IcguBLtwpbzbzFBV2R0sd_VFvLCliQULsoPGkYcI1lW4Ophs5d2nyILOw5=w72-h72-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoAO6Z1R56=w75-h60-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha17Uc0Id_G8fm7FxMNxWfrmtvu8_BK1ulGZTE8FAg2UGL4LChHfLAMvSbnIFNBvrR5BaLnoQxwTusRzZseRmYRxFeafu9KWe_Iw_rxyKg9XfAIKuLtkKZ9-a2VPGdkGm54-sn9hyLYIAqj35GRHdUrt3UhwMOHtesNfhmeoX02-ou-uGL7DWbGM5_zxNQgC=w72-h72-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3K1p9UV1ibAldHhVtjyiitvUYiarLpbAd1uv3Tu-DCqVYm62_a4KVLjCF8c26klNqiGX9-DYtY5kdzPXhNesp2do7p92jLa5wPnnqVV5RH-OQd3Wpd0-a32LWcFH-A1NujJJz03FyQ7l8z8mOWIB0-KW2SbBCtTKJmq6KAyhXEFr3DwoFE9KsaUWSWXQvoAO6Z1R56=w72-h72-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
ab-hwc.nhp.gov.in
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.shareaholic.com
api.viglink.com
assets.entrepreneur.com
blogger.googleusercontent.com
cat.fr.eu.criteo.com
cdn.shareaholic.net
cdn.soft112.com
cdn.viglink.com
cdn0.cuelinks.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
fonts.gstatic.com
go.shareaholic.com
googleads.g.doubleclick.net
images.pexels.com
lh3.googleusercontent.com
m.addthis.com
m9m6e2w5.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pbs.twimg.com
pix.eu.criteo.net
play.google.com
recs.shareaholic.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s10.histats.com
s4.histats.com
s7.addthis.com
scratch.mit.edu
secure-gl.imrworldwide.com
speakdoor.blogspot.com
static.criteo.net
tmc.gov.in
tpc.googlesyndication.com
v1.addthisedge.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.indiancancersociety.org
www.libreoffice.org
www.shareaholic.net
www.vismuseum.gov.in
z.moatads.com
ab-hwc.nhp.gov.in
s7.addthis.com
www.blogger.com
101.53.156.127
104.75.88.126
107.20.147.136
142.250.185.98
151.101.1.91
151.101.2.133
151.139.128.11
178.250.0.139
178.250.0.160
178.250.2.150
184.73.100.94
192.99.0.58
20.192.98.160
23.111.9.35
23.47.209.169
2405:8a00:6013::101
2600:9000:206f:5e00:1e:a43d:b640:93a1
2606:4700:3033::6815:231e
2606:4700::6810:a00d
2606:4700::6811:180e
2606:4700::6811:d066
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2009
2a00:1828:a012:168::1
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a03:2880:f007:8:face:b00c:0:1
2a04:4e42:6f::159
3.208.36.4
35.171.122.58
46.105.201.240
54.154.223.183
002123d897452aa127f3e88e7529a9b03fae8aa95cfb5a01f537db9619f858ed
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01d8f5a43111dca2908ec56932789448935deaaf1d7d8f6cc71449d7b70b8b16
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0707e489a448da35e5100d37f6e31c40e839bb04496e97f2d43ec7469cbe1670
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d864850ee427736c6d330964c250a508f8b6d3d766a05b815e1af2e17b66c0
0b1680a8e4662f0539158fdc3b97f89656dfb10b4f9400396b7f9681b9e21859
0c6be3f6b1fa97a56d044885dbc44944bf5332530c0f9bd9ded3542a24964f72
0cac22357446dd4c21660f29ec02ca8d1a1a0ea8124bd6691789586cb0d155fb
1118e3ae86e0d6ba810c75fd58d262a821498188aa2dab358bc333683bb0baea
126b58bdd36382692ed6bc2b0c99fe6b1a66db0ab7a1a6090c360b035ec897a2
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
1402de6546f43fecb9df964454fe9d79d87ca54b93713c71f511d1a51eebac38
17ae181511ff74f23ecbb12af7cd591e8313ccb6edf63213bec2744a548e3a01
1a3a1fe85d2444a49a47761a34e95c126b5d82daa1a11dc4cb17bae30ce5e995
1ac5ae5a9394b620eb48bf18c6b9920ac72b1d2bc0214359298b768c74e5af24
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bfadef87734f2dca7f2e6fca45fee23b2113ccae2fd0de80850484055fb7647
1c0a8aba8676e7ac92890d46aa8a54fe8670dea8631d33c9bfd1a36c68108b36
1c9aa1d6a53a6dcef06d5a9d1ea72a88bdcfb99c591cb3f7d7beeb177420faf3
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
1e881df9713df5d1063c70b5de21a23a11210d2a6998911d1779bf66be113789
1fd19004521d39a3b6a19f4cf1d673d1b1113f0e322f3231818441cd4fe10fd7
23a5d9441d8e99f387e05f4898eea61dd92426fb61b8942242a9b9f05d56e865
24575a0833bfd34af74c67cee04f58ac161975ff4cd834d572a14bde9839bdb6
26cbc34b60320d9ed93095bcba5f6d7d5fdef6fa622eb95e1a4733e388620a3a
28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8
2b708c415e0acba472a2ec055943b7a21d1169badd4b6e7a453167f7b5e4a3d8
2dec63cac924d792fa0133691ec61890d4a434870bf0e9c65b3fb2de3421875c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
307a964bc6b653fe6cc1fff5962b2afeae59ad718897317da12447ec37148e2d
30f952c8f65312b34a19736eb0da1c8ee7b4774f5df5786d2f822989267a7b9d
3223dd6921ebecca9a640a6ec21d0a80fb4da2ae171475d890ce0a321038fa57
357ae23995168f39c444d8432ecc26483a55b1d6649038a45d00b4e5d5f16087
36d934d9521a33bb571f35a8080a047914dd2964506a5e29a2d083227854f3fd
3767802fb6e81fa5b0f0b86afdd332b0528fadb019728eab6444e9c42a6dab6e
376f60790a82b805974739e2243d6518721c0200c24471e47d65fe755fbab6fd
395e998f4579af1ac13e3db03558d7fec588aac2b1fdd45248e3fb3f9d9d9403
3aa530ebd940676f164fd7b1b0064cd4ca982d04086e76eb58874de28d9451e3
3ae635aa632e6e57598324d48c5b288e1bf21441b4e46d8ef54c40130a7780b9
3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088
3c63b1da0d19abc611b8d544a6691c608d60afd3bd2921a4254ecf453d777208
3d487fb8539bc46cf92a29e818b90290739981953ee56e264f12c969895325e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40bd3f4decea4802bfc00e1ac8436c8ad8b4db2ad8e4a26acfc6bc668bc7c086
413ef1dd78b2ad40c10809518ec8fdff9da166c9e8d45d9eda64a9b0316e2e21
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4a68cace09422fdece37206780f5d02f7af5d262f3d882504aea3a6b16b66ff6
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
4cf7b5efd123125c17bef367c0c32b44b2ddcc0decf7b20bd18c63ef71a5c488
4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e75a96d71e536ee965f27d12fef7547fd95ea8173b40f0c58c3d6b849520e4e
4eb8d36e8cf815a9337b2e41642e4f7e04540b7d7525bec13ac9b9c621e80c8a
4feaa18be02363ab442dd468621c8bbc6314495882ff605c1c6bb88f1b847976
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
510f9663fe6f69cbde6f7a6ea2bc12b88a365dee2fa897091e81f907fb880c99
53e619915ed5b611160b88380ea4f9cd992ad13b6ce17c3817f88183eb58cf35
562dfa20bdc290f5be78f96990ce309f14698ce7b7219115b01c9b819a6207c8
59229e4f8c7fdc356403d70f115d681ca020745634602fe730a57eec9d29b3b2
59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03
5a5a1218761c898afd6653b7f582d10440f3db1acf76474629076e8f3563d4a2
5a61be86510e957b0b1398525c7ad8083cccb683a3899dcf78641dad73d07de5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5cd70f8c2c548ec95cc3450bb485b839cec7a8ea050897353100add4a5d4cddf
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5f0127ae6568d5203a03d96a6e5c1375c49114dcd590506eaf510f3c55e87ae0
607adf46c67a9119b2e6e39fd963516a2b7df0aa355aae0c84fdb6ed2d136a65
60ba67021201dbce9a21495e904af6bac894567da6af853b8375b944c4872402
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
622763fd5e9148c1e40b0ae71618ac93c2b539ba5fb8faeab1ee4863309a7cc2
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
65b9adfa57197d0ace575ed09ccd04e10008227bf2f192f5f245152d5312ed53
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67c825531bbdf427c5171f4dbe6f0a8a25b9fb386030c3b10b80f3d9e3912c29
67cca6efdfe24101a2ab2550e041de6d67dd143aaa847e02be6e70fd2fa471d1
6cc31ffbfbcc139080ae8b9525e184111a7c2bed2e40aef76e1e996fb0339208
6d2de6db96ee618a5721768fde6b793c34bde192a5800fe0987de3a8630956cf
6e48524befb65a98356489d7b7c37417171c9acf435df7ab377d93d74c8696be
6ed92bf9e67712bf822ccdf0744fa198a0238525139c0bac9af0db4de441e507
71df315dcc2246dd411ac9e3198e8e0717ab889bc13c690b66b7d8b50b95ef9d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
7361c06eb56be2d9dabeed83e8daafaa4fd18ee226fe43f4dae507161ffd6751
739f22ecf7f029bc4bf353f999079989bb750f3199b5a6fa3240a40353c8a45d
73c152db974db6a54befb152227706bdde865095dfb7fb1cef4f3b14b218ac06
75918ebeb9caa44ae131405d51ebdebffb4f2e729daf02ca992e60432d505524
77002f317af306cd1836fd40f9948c441dec62997fa2733262a6ea68ff0b3f08
77b26cbbfb6dda4321c81a784d52b231b8ab8c99391aea5a29ca7a5cce06339d
78d1c56b85bd295ec918a2b0540f25742e3bdd3afdcf971d2cb23491f48505c3
7a449d4dd5e2320e88cb27fefb1cff6aded1bc72d1f578e1e34b8fb541876d97
7a5a82f2e97d82cf3a0c6b04f8d062f731f6fc3f5a7fca5984a7ee288afab94c
7b2ca959b234d69f91e182be13da3a8e4d9fb47514ba3dd490c8061687805ae1
7b5d0a3313246a18b59183fa8e24f35e2ad5f923ef25e545d564f2c1e09b5300
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e7d255192a1412b92862071022468a10917dd6c99e51d30613cbc8262fda29d
7f7bc9396245531479db6df2e50f241182925d5168d232561861eaa94c687396
7f8e73d36b6e11a1072eef84e42101cd5b120b1076c51ecf7bf859c683574cc4
81b3a0e1a674b19b86930db69495ebf54f462859737be1bae1ccb8ddf472d540
820e00de6abb3aaa6d599d967f94efe32c51e88950dfdb53bb9028b806a81d57
83d3e85aa95dbdf5729e777496f70db6ef3d8e7d896b1fd418a6fee0b30336a6
86b47d7617dd5c529595041389e833bf7c381ff38ccca48c76aa47b979837742
88f34d90cb970c712d57f802cb4fd4fdcf3ba9a247a359b1c255f2b503b30766
8966c829a9050f5b6bf685c7662fa543a21add7790d165b4afeb1e5cde9e6a2c
897e3372189781bc03dca169574bc3c145cd1adff7595cf2fa233207c071b032
89ada6cbc8b51401f6ce47c24714981ee4c13a35f92460e8bcd2bb026df6ebde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b08d8144e3cbc8e87193d17b77fff6ae4a954c9436630371de4090531da41ed
8d8a11589e97b835e0aefafbfa4c6336f982e138ffb67968034d7fe03c5da72f
8d9fdf5e97634f6e3ba7772ede23912ea642cf05de90401aaaca99035da62eef
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
900877c3f6342ae0289e6287759b3cf36eb1bfe95813de9f49d3665485c4a9ba
9163d3934bd1670c64caf761f38c6ca8c6af73f771dbbb25bc9e71f1576c4c09
91a249fd02f4aef1b0b3549045bada6fdcd59cedd65d6c64fa44100c2641d998
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
92f914e5f860201d70196b8e96cb562904632318acbe57b4322ca01f11295de7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9e4cf3c1b8ee231ae6346311d558c7017ff7efaf00f8c81380a953d3620f16a7
9ef58fa59dc10f5d2dd07fafa4cef910222e45a2b314be0dbea53ba63978d1ec
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a345bc4415a2265a9e95189defae3b35e8c840ff4da5c31cf3790115b6e538d4
a3884aed17cfa72eaf7bb7e875d0a378fc641ba237c33ae8eebc991d8790ef5b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a90095b5f7951614878fab8dbc6806a0aa8cd73dd77fb18ab97ef2bd7600c3a9
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
aa368f5437dc419e7f3449cb246b23518c139be828585a92542a411feb95fe90
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae361eee98790e9c0ec98cc9c14864144b4e40cef4e4ee492510d876a51e9d43
ae5b89c3c1ac96f7ac5be676385486ea9bcfeedd42dc16c83732fe834c1fe8b7
aefa99336f3bf14e3cea83dcc4c5b32461a5e248333f7dafb634eb25bf16a95b
b210b750323bbecc279a8b5c6053d14de46cfb364df1613e3f3eaab099f49590
b5ddf5ffe909c19823560c01e0d33b52cc4a2af94c97d3a2ae256c2709582ede
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b71c6b3347e7804291084cc452443506f307553c22934ce1c36122a78a29f270
b78b8a562f2e4d64db1a9ed9d9d451af2b36fde7a995baa484f0095196c04240
b8ccc11c6aeb2bcdf8ea5ffaa9ed73f630e5bc8c632a34f735d127ab88ee816b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc829cb56b9523f9730d1733291f946ed60bc8b162fd99b5b9502e06501687cd
bcc9b625a4d0f9ecfd75b7e951ba080fbfd3ef6ef38517f08f9acecb79244f9e
beea6bb99696682b642689702ef4ecba136b6d506773c4c519b8e9aa7763ca52
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c1fa96d44ae34a667340961fe3ca599dd2a64beb963edc550f7c04c56dd88198
c2f68b18f05ed6261ccf24ee90132bce5c4fe89cc001720e5c88242c0fa96632
c743d2e0a1681d4d6c392d8b3a5e8b08d4fa33457058bad29606a44fa5d0e9c4
c7a01833f8e2f655cd4aa0243c19e6becc6e490cce37994ec738ab5af58777ba
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
cad95c8b81dcc30d1bc32c7e29978f63efc76c7ed99da7594794e10facc31eff
cb0d66ff7b3d7b5802bd0ffff425bb58a941654b99938172f00e482c7206837d
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
cde9e51128d4ee7ca1a42dddb79b1cc1c3b23387aa3b610b2a866971a70c8707
d169914045934d7c4fb847ab9fc924865d2dc3f776d9a2dbb27d889b47530a72
d55fcdfc70077b934ae0a2735ba01b0ef57f0c3955be10f9dc076a75b2709057
d84d4a0c5427d346b2ceb12588dfb9a16bb523f3362c7e5ed08772705237020c
d8a6f5b2f6b0a036dd8f45469c1e67144167dbb72c5bf2bc9ae42671f7dd4c21
d8d5f139f97f7e9ceb21cb9b4e685f7cc1e0ea7a0ab64c0704ff012fe6a71930
d8eb28791e16c37c7f0706c00da6f250e9aa1a7f0a60f6681bc730c4848c9e2e
daf34e90a5a60fff8fd3adbf8e765943cc8b32805921647e91ab402e49708d4d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
debbc0ff32ad8542b4e538aea2ccf1245a7acbe4a25b8447b88c1b9af71786e7
deea7b4b0a564ccbaf31ff7c55a3e473c8e6e624601a694ce81bd3a07b8895e8
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e21bdd287570ecca2d6f8450c8ebd20ab7c625ec7a5c22d7f2156d1eccd6059f
e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e5283d9724936de68a15a6b821607d7daf4681aafc505d64ca1803fdffff3606
e7bc12d9a9642fa0d240854109d6b881b70166ef5b02aa02e053e41c31b816ff
e7d305914e8f7363f66818891dc0d7071b30a7049e50f15b2e9c4012eb8c83a6
e801530c93fa2410663b47482b43c034bcc51c0f839002503538ce0e40ef0421
e9a5a9cc955eaf2edc62bb791f586cf5f8f18e6cf912282b4365cd8562ba9e74
ec726bd933fd745a283039066e9e60536ce6c98df3221b078164ef72ceb570eb
ed641d1558c60255d5d4f514b16153d34c3d0c5b188c41874e33155f8c05cffe
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72587d305b2883f75e0e3ba001f4a7018bb1fbff06c50f332f6ee2de366531
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff
f58c4daa06d91e29f30e3588876643f6f0e47c099e35657e3d156e8c5acbe5fe
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f919590c3edd5d2226fc61ee0fe10b623c6caabd9154fa527d8451af4dcb1219
faa013fc80a89a4fd73a31e0ba4f4bb0430880709dc29b554caee68222f18399
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fc1f3214a4c91db0341a0639b316ccf6417f8bff14054300bf3941ec865e960e
fd0959173b226adaa48c9dd2f5e567ea840f1a5bfca6679109f39b803e5755e3
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8
fe756fda126ce5fbc429e07ffb9a25cb339816c4dfcb4b089922dfb877391d24