blog.xiaoz.org Open in urlscan Pro
154.22.123.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.xiaoz.org/archives/12863
Submission: On August 08 via api (August 8th 2023, 5:30:27 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 11 domains to perform 108 HTTP transactions. The main IP is 154.22.123.129, located in United States and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is blog.xiaoz.org.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on February 12th 2023. Valid for: a year.

This is the only time blog.xiaoz.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	154.22.123.129 154.22.123.129	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
14	2606:4700:303... 2606:4700:3032::6815:ddd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	42.192.153.76 42.192.153.76	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	66.90.106.250 66.90.106.250	174 (COGENT-174) (COGENT-174)
4	61.170.79.234 61.170.79.234	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
25	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
108	19

3 154.22.123.129 (United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

blog.xiaoz.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3032::6815:ddd (United States)

ASN13335 (CLOUDFLARENET, US)

libs.xiaoz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.192.153.76 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

tj.rss.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.90.106.250 (Austria)

ASN174 (COGENT-174, US)

img.rss.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 61.170.79.234 (China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)
PTR: 234.79.170.61.broad.xw.sh.dynamic.163data.com.cn

cdn.xiaoz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 623 csm.eu.criteo.net — Cisco Umbrella Rank: 8330 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8483	402 KB
18	xiaoz.top libs.xiaoz.top cdn.xiaoz.top gravatar.xiaoz.top Failed	303 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	256 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8262 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9619 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14246	165 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	41 KB
5	rss.ink tj.rss.ink img.rss.ink	221 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	14 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	169 KB
3	xiaoz.org blog.xiaoz.org	16 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 9097	12 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	601 B
108	11

	Domain	Requested by
25	static.criteo.net	ads.eu.criteo.com googleads.g.doubleclick.net
14	libs.xiaoz.top	blog.xiaoz.org libs.xiaoz.top
11	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com blog.xiaoz.org
5	pagead2.googlesyndication.com	blog.xiaoz.org pagead2.googlesyndication.com www.googletagservices.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	cdn.xiaoz.top	blog.xiaoz.org
4	img.rss.ink	blog.xiaoz.org
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.fr3.eu.criteo.com	ads.eu.criteo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	blog.xiaoz.org	blog.xiaoz.org
2	hm.baidu.com	blog.xiaoz.org
1	rtb.nl3.eu.criteo.com	blog.xiaoz.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tj.rss.ink	blog.xiaoz.org
0	gravatar.xiaoz.top Failed	blog.xiaoz.org
108	19

This site contains links to these domains. Also see Links.

Domain
www.imgurl.ink
ip.rss.ink
soft.xiaoz.org
imgurl.org
nf.video
www.xiaoz.me
www.yundianseo.com
repostone.home.blog
blog.naibabiji.com
t.me
my.yecaoyun.com

Subject Issuer	Validity	Valid
blog.xiaoz.org TrustAsia RSA DV TLS CA G2	`2023-02-12` - `2024-02-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
tj.rss.ink Encryption Everywhere DV TLS CA - G1	`2023-05-18` - `2024-05-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
img.rss.ink R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
cdn.xiaoz.top Encryption Everywhere DV TLS CA - G2	`2023-03-12` - `2024-03-11`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://blog.xiaoz.org/archives/12863
Frame ID: FE8E589A9897CACD97F3741F9AE9BE63
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html
Frame ID: 5B400CBC5838E1895C17F975CC9441CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&adk=1812271804&adf=3025194257&lmt=1691515798&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fblog.xiaoz.org%2Farchives%2F12863&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691515798439&bpp=4&bdt=2230&idt=212&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1240750216447&frm=20&pv=2&ga_vid=1238652592.1691515799&ga_sid=1691515799&ga_hid=1255988795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076088%2C31076733%2C42531706&oid=2&pvsid=3542720325648137&tmod=904832753&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: 136362E1899139742469945F823E3107
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Frame ID: 95D760FA86E15FBBD6AE4F5E6798D7D3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Frame ID: F9F1088A9621D09DF398C08F8F2C41AA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3FB7CAA6DA282AE3F78EA0C210CF462B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi4K02XPAAhoUwDWehvYiZKZd-qikw&u=%7CItMEtweDVZahPSDki%2F%2FRuiN8gqcRPomLbXcGIleK%2FE8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKWoBH8RVpwUFSIhZg2uUOx1yTKDwEf5tYcBUmXrvXHY1wUG7uETU87dPN0XdOKsxH1rndUx1OlELNzdynUWDcFsvkstP3YDpXqV3YsjvpZWlQ1rilRwIX0KPtvVzkgYa6XwJjHosUQ2Z0EwL8R4xlGTKA9CHWevYV_b5F_5CotB_YQK0k87sC04xXANsia6V0E_AXUWXCjAUFKZ23ZRVo0D_NDjbhekWsdRRsiBwY90IxWf6mlb-5Fg4etUZjattK9g4YaUCVKBORbHqp4znxL5v5nVwFSwyhQASjkLq3WlwgKkmsbQuCX49-p9x9_m3RCQaAvfs5nZXgY9TufxY51j-gmHUtEw585DgleOW-GMh_mRd1W96piP66VT2A_dWi_VDsyY3YVPe1ufxN8Xp5qEo2R95RAVwtLWhN64zBoXasEMEWLFsDjHR273P-pC-AxT22UbeH9Be8z3YwT9xSvhcG5vF0Jk46wEiYYx_awUVdzl-hF5A48cYJ5pfvR7cwcYj6VNACMNawLjhUsdGKSO9a5xEHcrrYsicQLeP2DkEMP7E2UmGlHt5EPMaOFrSxvABNLMrA_aDALzk9mH-Z8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqo9lnvSZK6ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9APVWGi2CZ0aRpKdzecQt9QQS-l8oHtGHHV78e6vpscenJrR7LEbpJgu2dGL6LhdEvPLKV87rUHjuuDFCWyVQNURpPQFFzhQtZvEly9dtrqqHF1AvZq2N1_bsWoUcQKh2AvRRm3vymCu9ZMFretEzgGZLWvXEkQyf77jHI5y7dLrrgRtXV8m4yFtO_Jqn3mePS4dkrpVEmos8lcBXcnLsAqrp37TN9gyEw4QvMnNkhTrvjmghTB423Igp-G8Nedn_JYARvAfueCQbe6oiCABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ao7RXfG-9Ke-VMHslngtlw1TXOQ%26client%3Dca-pub-1198592826613859%26adurl%3D
Frame ID: B85A21BB3EB81499253A0D4A932C9952
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi8K02XPAAhoUzLz2wAGLmTJsxBo1w&u=%7CItMEtweDVZZaXzCAj8Ml45PfnnKnfdm5RZSv0%2FH5%2FKk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKUZhio9LhMlf4pMt-kZcJLezWJYfvp7vFbuVkW1kHWzcetg6JGx2gNnubj9sU8ETkKxWqfx4eWJY7PDbS8MEFLf3p7Gwnsdc9U2qBySysDMyboBVSSCSO0tqNU3q_BQ3f_NA9q3EMWmrcb2yYfpo83qpmnvwjLb0dPLTZlxR3tg2eRpctsXRBFXnVcVP_V9BYCBNmI5ofoPiwx6slItAnqbZfLtJoEHEXBPs0bqcMVizBbvIovPGUzxTti1BYEsSJuzukKZjdTcfoi6Og5jfB7CqX_JnvnqXd2LOqkHbiC3NSC56vY02bqjT0qgzkC517YZA-4EjnFrTDB1PwjFEyfXYyk9I3viE0JqCce3zHzAJsC1ITOeFy6f528_2dXmUZllLaNLSnieCum--ZRGwP4nJeJ-clq1WByY6wPJvObS0FWnb1y-j6IzzH-y5nxXZAVQnaGPb_j0XJr9c7f36ZPMjZKXyYQkEvL6hRFKAQ7EBsXAH9t1ANUmYpv-Y1EMdZZ1M8hlZNMx-1xgxikb9Ao1QfS846V4PZkig2WKYF_y7WYJSpXDImZT2mBjOyRiWUMxtY94qBPE4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jkOlnvSZK-ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9CGvw2hf4d_u2DerIqLfEKAY37BQszpuyc9crQvfjTjgM_KU2mDKHNguCthZ054Ilvg8qLC3UoeYD01cuth0jE2wJkKpIi4nklTE-EmD20Vm8Lsi6Qb4Em8mC8zRFXD4C_q2Hf2gLYeAqIylJeTds2NG2yfPIGRCCRrvjZ8NrAATb_PqDSy1GcsdPU-x8qEwfjUyvZISitrvVC_QJCMywndzMH2BFxVhzjv2BvO22o98kwG3hckLz21sLe8ssObPpLEEGKeYzTLGiuKO92ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169kHAYGY38KAXOD9Vdl3xyjB36Q%26client%3Dca-pub-1198592826613859%26adurl%3D
Frame ID: 817765F1AFCFB40D0D7DE2EB149EDDEA
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCjAK02XPAAhoUzdKsIxYYmxCnjc9EQ&u=%7CItMEtweDVZYo9vklprE%2For9RlvRHNG5wUPZdPtaVPFo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qQzre0SMiMzBXXLixZxZXwizx8zN7_CUWkdN931Y1Yd6s_w4V0_O7X0OM5aKfMJIPgVGI1uYYXxpXATy42uOXLSG_cJgfEIG4SH_T2JacnA7U5jmdJJYkUEMt7W1N9sPFdwDN2hYjcysWddsE-Xs8kvYigb26dpSjEDiceDF_omc4i532aIlEfZiMgUg5EYmpSBGIpZTdxmiRw180qp9UzSUEjZfFZdcP592wUPy3rNcJjgtCqOIrfVD-TuDkhfkSHLwiZngPMg9ltK18raxiFKhjsamlmotVy8Alwh3BtrYm66_xpz4pqUOJ5aSDrkMWdaL766-Zh6Got5XYIZsPfE8xrACLg1WcxGspJY9ho6g1DYtN9B1KUHAHoXZzYEuBttfC5yJMy1OqNndXovATJT7knDulxqy65eSTXOipky1ASWNKFaV4A6yaP7IqiRgTd-T0rUV4vTEkTUuYX5QTCUbnYa9x5US_Em9MYIw2Uvj8qmmacbwDCntsI4JuseZXOjTXFNifPV5MWI_caWRrwKmy6HbQ9g-NJcmVxBanhM6xgy1qUdGzZs9Epbk5_hL-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIRkolnvSZLCULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM8BT9BZEQk0IYboUdfgCRZHhLvhoVIto5th0QrL_3OW-2pBJgdTtpzjXJ4Lf4qUV4BwarStSgjLSSpeCmpO1SP_LJtHpY7waLChPT46ZcM2uNlthWMYSu1kcchjfBMXSdVjrKaGbLIowhrFrhq54gYr3P-TPY6y0hl_LqjiIa8_nvqAOH8yqWX1EcdHuNw3hM6Bq6xXmXzHTwig2hQCribk-KhUtE_9sWyTM42QOdQZUNbZeXLHFWedxttRDtGI4GtIQDVziK9A0i1LiN-pIVNUgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MV14EToxkM2xKV-ISYZo2Z185HA%26client%3Dca-pub-1198592826613859%26adurl%3D
Frame ID: 698729C1BF2B32DB602EC95B09C1910B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

使用Nginx端口转发来改善Zoho Mail收发速度 - 小z博客

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

92 %
HTTPS

67 %
IPv6

11
Domains

19
Subdomains

19
IPs

6
Countries

1600 kB
Transfer

3259 kB
Size

6
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.imgurl.ink/
Title: 免费图床（ImgURL）

Search URL Search Domain Scan URL

URL: https://ip.rss.ink/
Title: IP查询（IPRss）

Search URL Search Domain Scan URL

URL: http://soft.xiaoz.org/
Title: 软件下载（Zdir）

Search URL Search Domain Scan URL

URL: https://imgurl.org/
Title: ImgURL图床

Search URL Search Domain Scan URL

URL: https://nf.video/KvbA7

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/laoxue
Title: 老薛主机，快速免备案，下单享7.5折优惠

Search URL Search Domain Scan URL

URL: https://www.yundianseo.com/
Title: 云点SEO

Search URL Search Domain Scan URL

URL: https://repostone.home.blog/
Title: repostone

Search URL Search Domain Scan URL

URL: https://blog.naibabiji.com/
Title: 奶爸de笔记

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/17403
Title: ImgURL图床扩容码，限时优惠9.9元

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/9633
Title: UltraVPS新用户85折，适合建站。

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/12774
Title: Vultr 16机房可选，注册送50$

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/9190
Title: Anycast DNS解析，免费试用1个月。

Search URL Search Domain Scan URL

URL: https://t.me/xiaozblog
Title: https://t.me/xiaozblog

Search URL Search Domain Scan URL

URL: https://my.yecaoyun.com/aff.php?aff=634

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/13225
Title: ImgURL Pro专业版发布，支持多个外部存储，6折促销

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/9094
Title: 国外主机/VPS/服务器购买指南

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/14336
Title: CCAA 2.0，Linux一键安装Aria2 + AriaNg + Filebrowser实现离线下载、在线播放

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/archives/8480
Title: CentOS 7一键安装Seafile搭建私有云存储

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 12863 Show response
blog.xiaoz.org/archives/ 36 KB
10 KB 1202ms
157ms Document
text/html 154.22.123.129
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.22.123.129 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: b07d08299e486890f182e5b775e1146cdd43531aee7ba65667a581f0be11e165

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=43200
cdn-cache: HIT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 17:32:55 GMT
expires: Wed, 09 Aug 2023 05:32:55 GMT
link: <https://blog.xiaoz.org/wp-json/>; rel="https://api.w.org/" <https://blog.xiaoz.org/?p=12863>; rel=shortlink
server: nginx
vary: Accept-Encoding

GET
H2 200 layui.css
libs.xiaoz.top/layui/v2.5.4/css/ 71 KB
14 KB 1989ms
15ms Stylesheet
text/css 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/css/layui.css
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a8c3962f79f9fe584f617aa9e48056ab93b21a9010bd2c2a8739654c3e1e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 13209
date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51605
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct53 [2], qdix124 [2]
last-modified: Fri, 20 Mar 2020 09:35:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7sjWVR7q73gjqiJwpQMFzYgpwmTFTZ7NxkQx7BH6cry00qR3ND2SOk3RcTyu5jRsDS4hnvSq0qo0cE6UfbjDbnCA3SoLApqC4LevSgvys3uKA7aGIiFtv8KMVSJHaGWBgWK4aKcvG%2B%2FaVR%2B%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 07 Aug 2023 03:31:16 GMT
cf-ray: 7f397c0aeb673648-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Mon, 14 Aug 2023 03:31:16 GMT

GET
H2 200 font-awesome.min.css
libs.xiaoz.top/font-awesome/4.7.0/css/ 30 KB
7 KB 2003ms
30ms Stylesheet
text/css 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 7050
date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51605
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct67 [2], cdix99 [2]
last-modified: Fri, 20 Mar 2020 09:34:56 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BytjQRTKV9UebWDqnWac3wl8AAWhZVn9Z3CQFWdPYScu2l5P1LfZNN5MzepNUzPBiMZpBGUVh3j2BKAgYN2hdGnFO6tHUPv7%2Bz93CQPZkETCBujAVCGGoF6gqV6v2QnWw%2BniAx0PLtCA817rg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Sat, 22 Jul 2023 02:26:25 GMT
cf-ray: 7f397c0aeb693648-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Sat, 29 Jul 2023 02:26:25 GMT

GET
H2 200 github.min.css
libs.xiaoz.top/highlight.js/9.12.0/styles/ 872 B
1 KB 1987ms
14ms Stylesheet
text/css 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/highlight.js/9.12.0/styles/github.min.css
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd833a037a47e1014297d59b494f285c5e4de96ff6ca5bd6d28da0f99e9398b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 375
date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412196
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct53 [2], csix53 [2]
last-modified: Fri, 20 Mar 2020 09:35:13 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGPPbf0tz%2Bgu49IzTO6FjDYmGP3SKQ83llRm9B7ehuB69LKKgJpjq2geZDlKzzdUoP0gGNSL2WOgZL5MjEkIsYQAkErVsqhHcgKUAhw7FJ7pKtg41BYSRr9CvWXdH%2B1LzMH4nkcFJ0CM8FdGlw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Sat, 08 Jul 2023 03:30:29 GMT
cf-ray: 7f397c0aeb6b3648-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Sat, 15 Jul 2023 03:30:29 GMT

GET
H2 200 style.css
blog.xiaoz.org/wp-content/themes/msimple/ 13 KB
3 KB 167ms
167ms Stylesheet
text/css 154.22.123.129
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.xiaoz.org/wp-content/themes/msimple/style.css?v=1.13
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.22.123.129 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 3adb1404bf05b268691f7037e71bc78fb8c3e5a5bc204db7e42644e69ab2f917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/archives/12863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:32:56 GMT
content-encoding: br
last-modified: Sat, 28 Mar 2020 11:58:01 GMT
server: nginx
etag: W/"5e7f3bc9-34ec"
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cache-control: max-age=43200
expires: Wed, 09 Aug 2023 05:32:56 GMT

GET
H2 200 umami.js Show response
tj.rss.ink/ 3 KB
2 KB 1299ms
266ms Script
application/javascript 42.192.153.76
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.rss.ink/umami.js

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.192.153.76 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 04:50:55 GMT
server: nginx
etag: W/"a6e-185ec6a1b98"
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cache: EXPIRED
cache-control: max-age=43200
accept-ranges: bytes
expires: Wed, 09 Aug 2023 05:29:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 133ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d35e6b4b0504f83a8ebf8c9e4ee1b0c774befb0fd9e3e5bf440cfeb5a5a5402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50536
x-xss-protection: 0
server: cafe
etag: 11769510086630849347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:29:58 GMT

GET
H2 200 ab7e38083fa8ad7b.jpg
img.rss.ink/imgs/2023/08/04/ 31 KB
32 KB 2354ms
60ms Image
image/jpeg 66.90.106.250
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rss.ink/imgs/2023/08/04/ab7e38083fa8ad7b.jpg
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.90.106.250 , Austria, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d1be63b64994a5d61624fb8111c64108bab0a1b94e9addce51d021750c3d555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
last-modified: Fri, 04 Aug 2023 01:23:24 GMT
server: nginx
x-edge-location: Vienna, AT
etag: "64cc530c-7dbf"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-edge-ip: 66.90.106.250
x-age: 401136
accept-ranges: bytes
content-length: 32191
x-storage: 16563259:8001
expires: Sun, 03 Sep 2023 02:04:24 GMT

GET
H2 200 zoho_mail_600.jpg
cdn.xiaoz.top/wp-content/uploads/2019/05/ 13 KB
13 KB 4238ms
1049ms Image
image/jpeg 61.170.79.234
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xiaoz.top/wp-content/uploads/2019/05/zoho_mail_600.jpg
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.170.79.234 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS: 234.79.170.61.broad.xw.sh.dynamic.163data.com.cn
Software: Tengine /
Resource Hash: 06dfc51a36d963a96b478d90eae6172e708bfd9b800efa2399c0862fbe31d960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:01 GMT
via: cache15.l2cn3036[59,58,200-0,M], cache65.l2cn3036[60,0], ens-cache31.cn6011[96,95,200-0,M], ens-cache28.cn6011[107,0]
x-swift-cachetime: 2592000
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Tue, 08 Aug 2023 17:30:01 GMT
content-length: 13319
last-modified: Sun, 16 Feb 2020 11:24:07 GMT
server: Tengine
etag: "5e492657-3407"
ali-swift-global-savetime: 1691515801
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: 3daa4f3016915158015747252e
expires: Thu, 07 Sep 2023 17:30:01 GMT

GET
H2 200 zhuanfa.jpg
cdn.xiaoz.top/wp-content/uploads/2019/05/ 17 KB
17 KB 4140ms
951ms Image
image/jpeg 61.170.79.234
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xiaoz.top/wp-content/uploads/2019/05/zhuanfa.jpg
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.170.79.234 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS: 234.79.170.61.broad.xw.sh.dynamic.163data.com.cn
Software: Tengine /
Resource Hash: a56b61d45fec45796145776c5cee0a6226aac7ddc5f11fd171361058296fbffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:02:32 GMT
via: cache47.l2cn3036[0,14,200-0,H], cache5.l2cn3036[16,0], ens-cache18.cn6011[36,36,200-0,M], ens-cache28.cn6011[54,0]
age: 750449
x-swift-cachetime: 1841551
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Tue, 08 Aug 2023 17:30:01 GMT
content-length: 17540
last-modified: Sun, 16 Feb 2020 11:24:07 GMT
server: Tengine
etag: "5e492657-4484"
ali-swift-global-savetime: 1690765352
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: 3daa4f3016915158015867297e
expires: Wed, 30 Aug 2023 01:02:32 GMT

GET 44298dd91254f5209d5b43aeaca35367
gravatar.xiaoz.top/avatar/ 0
0

GET d219af79b45e5891507fda4c4c2139a0
gravatar.xiaoz.top/avatar/ 0
0

GET 74242ff548975ef430c690678bd49615
gravatar.xiaoz.top/avatar/ 0
0

GET
H2 200 wechat_xiaozblog_min.png
cdn.xiaoz.top/wp-content/uploads/2022/03/ 54 KB
55 KB 3753ms
565ms Image
image/png 61.170.79.234
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xiaoz.top/wp-content/uploads/2022/03/wechat_xiaozblog_min.png
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.170.79.234 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS: 234.79.170.61.broad.xw.sh.dynamic.163data.com.cn
Software: Tengine /
Resource Hash: 93efac2252862450b1c9d90b036a92b4461cc6f7d402b35f9aefcc01496db896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:09:09 GMT
via: cache39.l2cn3022[0,0,200-0,H], cache27.l2cn3022[1,0], ens-cache24.cn6011[0,0,200-0,H], ens-cache28.cn6011[5,0]
age: 2251252
x-swift-cachetime: 1769585
x-cache: HIT TCP_MEM_HIT dirn:8:108415973
x-swift-savetime: Sun, 23 Jul 2023 04:36:04 GMT
content-length: 55511
last-modified: Fri, 11 Mar 2022 02:11:41 GMT
server: Tengine
etag: "622aafdd-d8d7"
ali-swift-global-savetime: 1689264549
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: 3daa4f3016915158015867295e
expires: Sat, 12 Aug 2023 16:09:09 GMT

GET
H2 200 3135658621242040.png
img.rss.ink/imgs/2023/03/26/ 68 KB
68 KB 2335ms
42ms Image
image/png 66.90.106.250
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rss.ink/imgs/2023/03/26/3135658621242040.png
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.90.106.250 , Austria, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 96d7cce38db70e320ee5f5dee2c6d7624461b0179f677a60a8259e62e499b751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
last-modified: Sun, 26 Mar 2023 13:07:18 GMT
server: nginx
x-edge-location: Vienna, AT
etag: "64204386-10e62"
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-edge-ip: 66.90.106.250
x-age: 1715010
accept-ranges: bytes
content-length: 69218
x-storage: 16563259:8001
expires: Wed, 19 Jul 2023 15:00:57 GMT

GET
H2 200 4991687807f82b71.jpg
img.rss.ink/imgs/2023/08/04/ 93 KB
93 KB 2268ms
20ms Image
image/jpeg 66.90.106.250
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rss.ink/imgs/2023/08/04/4991687807f82b71.jpg
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.90.106.250 , Austria, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 630ae1699c28db814e9ded2b95087c4e4f45d94d0083ef4b4930d7cdcc87cb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
last-modified: Fri, 04 Aug 2023 01:27:22 GMT
server: nginx
x-edge-location: Vienna, AT
etag: "64cc53fa-172b4"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
x-edge-ip: 66.90.106.250
x-age: 401135
accept-ranges: bytes
content-length: 94900
x-storage: 16563259:8001
expires: Sun, 03 Sep 2023 02:04:25 GMT

GET 456b7c3d43fe95972fb7dfa62bdefd61
gravatar.xiaoz.top/avatar/ 0
0

GET d596fb032766fd458b70e3d8b06ab6ba
gravatar.xiaoz.top/avatar/ 0
0

GET 64f440991c5da52ccac850ba95ea3616
gravatar.xiaoz.top/avatar/ 0
0

GET 06ccdab9fbc3d817abf00c5c85f398ec
gravatar.xiaoz.top/avatar/ 0
0

GET
H2 200 laoxue_logo.png
cdn.xiaoz.top/wp-content/uploads/2018/11/ 16 KB
17 KB 4059ms
916ms Image
image/png 61.170.79.234
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xiaoz.top/wp-content/uploads/2018/11/laoxue_logo.png
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.170.79.234 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS: 234.79.170.61.broad.xw.sh.dynamic.163data.com.cn
Software: Tengine /
Resource Hash: f0d2e5fc4d1e8b451ebc13e3212d588867e524a20b2f5a18506b516341b9190e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:13:52 GMT
via: cache66.l2cn3022[0,19,200-0,H], cache40.l2cn3022[20,0], ens-cache2.cn6011[0,0,200-0,H], ens-cache28.cn6011[10,0]
age: 2250969
x-swift-cachetime: 1769868
x-cache: HIT TCP_MEM_HIT dirn:10:422321661
x-swift-savetime: Sun, 23 Jul 2023 04:36:04 GMT
content-length: 16809
last-modified: Sun, 16 Feb 2020 11:24:32 GMT
server: Tengine
etag: "5e492670-41a9"
ali-swift-global-savetime: 1689264832
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: 3daa4f3016915158015867301e
expires: Sat, 12 Aug 2023 16:13:52 GMT

GET
H2 200 147212d86e9aa824.png
img.rss.ink/imgs/2023/01/06/ 26 KB
26 KB 2309ms
61ms Image
image/png 66.90.106.250
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rss.ink/imgs/2023/01/06/147212d86e9aa824.png
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.90.106.250 , Austria, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fb70cff785adef0e824b529458a8443d226a3411c0b0007cbef43c94245cc91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
last-modified: Fri, 06 Jan 2023 04:15:09 GMT
server: nginx
x-edge-location: Vienna, AT
etag: "63b7a04d-681d"
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
x-edge-ip: 66.90.106.250
x-age: 1715010
accept-ranges: bytes
content-length: 26653
x-storage: 16563259:8001
expires: Wed, 19 Jul 2023 15:00:57 GMT

GET
H2 200 jquery.min.js Show response
libs.xiaoz.top/jquery/2.2.4/ 84 KB
31 KB 1717ms
1716ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/jquery/2.2.4/jquery.min.js
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 85578
date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct67 [2], suzix195 [4]
last-modified: Fri, 20 Mar 2020 09:35:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdf8%2BAB%2Fqm3R5ckTV%2F1EG8Wn4wkI%2BJJUzN%2BlMCMSvH9eBHMeEp88RejCNFPHWIYpwziVmIDyy034Y5E3Dt5Wz0%2B4xqUBJB2dN1gDiu5mBvQA1GKJ2J8fawbXyQoVt%2BIk6F%2BWMXUnR9qG8zidtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Sun, 09 Apr 2023 03:59:48 GMT
timing-allow-origin: *
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
cf-ray: 7f397c0afb893648-FRA
expires: Mon, 14 Aug 2023 03:25:54 GMT

GET
H3 200 layui.js Show response
libs.xiaoz.top/layui/v2.5.4/ 7 KB
4 KB 2740ms
2740ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96bd7f62b2ecae7c48814d199559247bef02d030dd19bc93ccfdeb98aca3acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 2911
date: Tue, 08 Aug 2023 17:30:00 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct52 [4], cdix52 [4]
last-modified: Fri, 20 Mar 2020 09:35:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYuCCNpAyYhuVizlU81Uc20LVghvSYhQUhx6o2PjVsQQfN9RWZW5VN%2FXuxfpgKQBuzrgxwhA6UU74Jbe%2BwX93ps5BBvEdrriluy8Hb8lcAm20QLnWR2y3QbyVM8Zw9CLPFSCCBE7u8eligdfNw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Tue, 01 Aug 2023 03:53:35 GMT
cf-ray: 7f397c0b1d6b9b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Tue, 08 Aug 2023 03:53:35 GMT

GET
H3 200 highlight.min.js Show response
libs.xiaoz.top/highlight.js/9.12.0/ 45 KB
20 KB 2120ms
2119ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/highlight.js/9.12.0/highlight.min.js
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 18684
date: Tue, 08 Aug 2023 17:30:00 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct67 [4], cdix89 [4]
last-modified: Fri, 20 Mar 2020 09:35:13 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZAEKJ7MMg1GR5HOHw%2Fc5cF7wB26oOR1bKRQzEoDy3qpN8vYBFus%2BLh7DO01K3w4MiHk%2B6xh7UpbKvS6R9g7Hx0y7tqFIGx1S0CUZu0d0g%2BYoLgrxb6vuupjRdqsEe523RluDYY5QThsvYLr6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Sun, 06 Aug 2023 09:59:05 GMT
cf-ray: 7f397c0b3d939b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Sun, 13 Aug 2023 09:59:05 GMT

GET
H3 200 instantclick.min.js Show response
libs.xiaoz.top/instantclick/ 6 KB
3 KB 734ms
730ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/instantclick/instantclick.min.js
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d22b71a1f7dad23e108bfcf516f6a92d77d1972e23661736df02492be9a1c888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 2645
date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct54 [4], czix137 [4]
last-modified: Fri, 20 Mar 2020 09:35:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eowYmstLLZFDFIGscXcZKiQHkmX9Yx6GAuuu4I96tY9i0a2g2p4dF6vp2EyPG%2F1wWAXL%2B4YATG26a1zN3vn3jjwiFAOS1HTshaJ8XwbQ84RsDDdmKFsHMUZjGz6FQyPzz1rxlj84UdH4cSIOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Fri, 04 Aug 2023 09:41:31 GMT
cf-ray: 7f397c0b3d969b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Fri, 11 Aug 2023 09:41:31 GMT

GET
H2 200 embed.js Show response
blog.xiaoz.org/wp-content/themes/msimple/static/ 10 KB
3 KB 170ms
167ms Script
application/javascript 154.22.123.129
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.xiaoz.org/wp-content/themes/msimple/static/embed.js?v=0.20
Requested by: Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.22.123.129 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 172686c59f9ff470d9250477e8709a922d6bc83769edb3e23c4cc5d47d508381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/archives/12863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:32:58 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 04:14:44 GMT
server: nginx
etag: W/"6296e7b4-2635"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8,gbk
cdn-cache: HIT
cache-control: max-age=43200
expires: Wed, 09 Aug 2023 05:32:58 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 694ms
293ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?122c65c6dbd2900393fe6646ed641194

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

a0f0de79bd79b30016cd7e3a56309f15f37cb302978a5009fd7f027d8c6ea249

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:29:58 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: befa7f414e1b97b3a9505a2791ceac8e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET 456b7c3d43fe95972fb7dfa62bdefd61
gravatar.xiaoz.top/avatar/ 0
0

GET 06ccdab9fbc3d817abf00c5c85f398ec
gravatar.xiaoz.top/avatar/ 0
0

GET
H3 200 iconfont.woff2
libs.xiaoz.top/layui/v2.5.4/font/ 23 KB
23 KB 3170ms
3158ms Font
font/woff2 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/font/iconfont.woff2?v=250
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/css/layui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fa2837133a985a2178a6ed7070a92dc9c9faad910d8a296397c86d74b037d5

Request headers

Referer: https://libs.xiaoz.top/layui/v2.5.4/css/layui.css
Origin: https://blog.xiaoz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 23140
date: Tue, 08 Aug 2023 17:30:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 23140
ohc-cache-hit: suz2ct67 [2], csix67 [2]
last-modified: Fri, 20 Mar 2020 09:35:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nMhn01yApnDCzZfxzsr36NvS7v3%2Bj6N0BV%2BfgiEA7%2BA%2FP8wZ2iPIVNsc0uQ3Wra%2F1iaXQhQEEenHl0uNkDOGBMdh9WKJACumxfDOK%2Bya4P4Se%2BeKk5r%2BOe0sve0a4rWc5NWBUyDuvpfQ69Omw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=14400
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 07 Aug 2023 03:26:25 GMT
accept-ranges: bytes
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
cf-ray: 7f397c0b5bdb9950-FRA

GET
H3 200 fontawesome-webfont.woff2
libs.xiaoz.top/font-awesome/4.7.0/fonts/ 75 KB
76 KB 2554ms
2542ms Font
font/woff2 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/font-awesome/4.7.0/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://libs.xiaoz.top/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://blog.xiaoz.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 77160
date: Tue, 08 Aug 2023 17:30:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 77160
ohc-cache-hit: suz2ct56 [2], qdix244 [2]
last-modified: Fri, 20 Mar 2020 09:34:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLeKd7bExfKfQrQ7bfrpPmxFWXXFuVQ2me%2Bis8YAmNzxP7ggrN7j7%2FlE9dPB6plWSGj48WClACm0kFwnbG1YDOXrqHmsDhr10OH9eh8HGeW90PDH2adJPPyx%2F5KRIGYAt2FoquMxPXC4AzId6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=14400
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 07 Aug 2023 03:23:56 GMT
accept-ranges: bytes
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
cf-ray: 7f397c0b5bdc9950-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 372 KB
126 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1198592826613859&plah=blog.xiaoz.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7ab278ff0df5b663c9c8575ac39ea8b64dc3d4bfe11c653ead83a33ec390c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128321
x-xss-protection: 0
server: cafe
etag: 12290584900739943830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:29:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/ Frame 5B40 10 KB
5 KB 52ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.xiaoz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 13:28:46 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 13:28:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 59ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blog.xiaoz.org&callback=_gfp_s_&client=ca-pub-1198592826613859

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1198592826613859&plah=blog.xiaoz.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c0a1663f1ca1784e528c6a6627f2ee89777825e956b42537b934aa47faa48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1363 163 KB
23 KB 543ms
542ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&adk=1812271804&adf=3025194257&lmt=1691515798&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fblog.xiaoz.org%2Farchives%2F12863&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691515798439&bpp=4&bdt=2230&idt=212&shv=r20230803&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1240750216447&frm=20&pv=2&ga_vid=1238652592.1691515799&ga_sid=1691515799&ga_hid=1255988795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076088%2C31076733%2C42531706&oid=2&pvsid=3542720325648137&tmod=904832753&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee33a39ae58df490acf25fd8fe16738de1d72caa0f8db8813fdd26006450fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.xiaoz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23074
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 17:29:59 GMT
expires: Tue, 08 Aug 2023 17:29:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=wp-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:29:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 154 KB
52 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3caa63d64ebedf83b8ebcbf63f148d184d62668230356731ffd3338503115cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53653
x-xss-protection: 0
server: cafe
etag: 14157846264891710943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:29:59 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 288ms
288ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=340723267&si=122c65c6dbd2900393fe6646ed641194&v=1.3.0&lv=1&sn=57449&r=0&ww=1600&u=https%3A%2F%2Fblog.xiaoz.org%2Farchives%2F12863&tt=%E4%BD%BF%E7%94%A8Nginx%E7%AB%AF%E5%8F%A3%E8%BD%AC%E5%8F%91%E6%9D%A5%E6%94%B9%E5%96%84Zoho%20Mail%E6%94%B6%E5%8F%91%E9%80%9F%E5%BA%A6%20-%20%E5%B0%8Fz%E5%8D%9A%E5%AE%A2

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 17:29:59 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/ Frame 95D7 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.xiaoz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 03:32:29 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 03:32:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/ Frame F9F1 10 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.xiaoz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 03:32:29 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 03:32:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/ Frame 3FB7 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.xiaoz.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 03:32:29 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 03:32:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B85A 164 KB
53 KB 156ms
85ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi4K02XPAAhoUwDWehvYiZKZd-qikw&u=%7CItMEtweDVZahPSDki%2F%2FRuiN8gqcRPomLbXcGIleK%2FE8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKWoBH8RVpwUFSIhZg2uUOx1yTKDwEf5tYcBUmXrvXHY1wUG7uETU87dPN0XdOKsxH1rndUx1OlELNzdynUWDcFsvkstP3YDpXqV3YsjvpZWlQ1rilRwIX0KPtvVzkgYa6XwJjHosUQ2Z0EwL8R4xlGTKA9CHWevYV_b5F_5CotB_YQK0k87sC04xXANsia6V0E_AXUWXCjAUFKZ23ZRVo0D_NDjbhekWsdRRsiBwY90IxWf6mlb-5Fg4etUZjattK9g4YaUCVKBORbHqp4znxL5v5nVwFSwyhQASjkLq3WlwgKkmsbQuCX49-p9x9_m3RCQaAvfs5nZXgY9TufxY51j-gmHUtEw585DgleOW-GMh_mRd1W96piP66VT2A_dWi_VDsyY3YVPe1ufxN8Xp5qEo2R95RAVwtLWhN64zBoXasEMEWLFsDjHR273P-pC-AxT22UbeH9Be8z3YwT9xSvhcG5vF0Jk46wEiYYx_awUVdzl-hF5A48cYJ5pfvR7cwcYj6VNACMNawLjhUsdGKSO9a5xEHcrrYsicQLeP2DkEMP7E2UmGlHt5EPMaOFrSxvABNLMrA_aDALzk9mH-Z8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqo9lnvSZK6ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9APVWGi2CZ0aRpKdzecQt9QQS-l8oHtGHHV78e6vpscenJrR7LEbpJgu2dGL6LhdEvPLKV87rUHjuuDFCWyVQNURpPQFFzhQtZvEly9dtrqqHF1AvZq2N1_bsWoUcQKh2AvRRm3vymCu9ZMFretEzgGZLWvXEkQyf77jHI5y7dLrrgRtXV8m4yFtO_Jqn3mePS4dkrpVEmos8lcBXcnLsAqrp37TN9gyEw4QvMnNkhTrvjmghTB423Igp-G8Nedn_JYARvAfueCQbe6oiCABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ao7RXfG-9Ke-VMHslngtlw1TXOQ%26client%3Dca-pub-1198592826613859%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3333df840fd135b42dda93b763d5deea8df4d3e487650048b5be045229b10ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 17:29:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mfL2gUjS0b_W8-Kso_PjbPbRhIE2zy7d9XJ5z2m744Pzxa7wNxAxtUGUTq1ZnI1Al40HWwPWq8xhvmOVkTTJxa5ZUsycot0qyXvAFMx1VpiNNoxOtMkoB71q94nlEYEMXeMmaoLXUef6DnNGzrujMuAZ7BasBDlRW-dk39FmzKFZRANP8S5kv3n4DlAMwMz1309vA2bt-b3ZguAoNsaqIPe6iZ0beGNJk8YU1_nOFPSsAbGNWKBZ0D3S3_aPXtK-W4S_oA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65491799
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 95D7 3 KB
1 KB 66ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:42:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 95D7 20 KB
8 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95D7 179 KB
57 KB 95ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:29:59 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8177 159 KB
52 KB 176ms
118ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi8K02XPAAhoUzLz2wAGLmTJsxBo1w&u=%7CItMEtweDVZZaXzCAj8Ml45PfnnKnfdm5RZSv0%2FH5%2FKk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKUZhio9LhMlf4pMt-kZcJLezWJYfvp7vFbuVkW1kHWzcetg6JGx2gNnubj9sU8ETkKxWqfx4eWJY7PDbS8MEFLf3p7Gwnsdc9U2qBySysDMyboBVSSCSO0tqNU3q_BQ3f_NA9q3EMWmrcb2yYfpo83qpmnvwjLb0dPLTZlxR3tg2eRpctsXRBFXnVcVP_V9BYCBNmI5ofoPiwx6slItAnqbZfLtJoEHEXBPs0bqcMVizBbvIovPGUzxTti1BYEsSJuzukKZjdTcfoi6Og5jfB7CqX_JnvnqXd2LOqkHbiC3NSC56vY02bqjT0qgzkC517YZA-4EjnFrTDB1PwjFEyfXYyk9I3viE0JqCce3zHzAJsC1ITOeFy6f528_2dXmUZllLaNLSnieCum--ZRGwP4nJeJ-clq1WByY6wPJvObS0FWnb1y-j6IzzH-y5nxXZAVQnaGPb_j0XJr9c7f36ZPMjZKXyYQkEvL6hRFKAQ7EBsXAH9t1ANUmYpv-Y1EMdZZ1M8hlZNMx-1xgxikb9Ao1QfS846V4PZkig2WKYF_y7WYJSpXDImZT2mBjOyRiWUMxtY94qBPE4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jkOlnvSZK-ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9CGvw2hf4d_u2DerIqLfEKAY37BQszpuyc9crQvfjTjgM_KU2mDKHNguCthZ054Ilvg8qLC3UoeYD01cuth0jE2wJkKpIi4nklTE-EmD20Vm8Lsi6Qb4Em8mC8zRFXD4C_q2Hf2gLYeAqIylJeTds2NG2yfPIGRCCRrvjZ8NrAATb_PqDSy1GcsdPU-x8qEwfjUyvZISitrvVC_QJCMywndzMH2BFxVhzjv2BvO22o98kwG3hckLz21sLe8ssObPpLEEGKeYzTLGiuKO92ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169kHAYGY38KAXOD9Vdl3xyjB36Q%26client%3Dca-pub-1198592826613859%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c89af0d0c3b73e860539fb84d5f72ca53f039b552edf24e08b6945793488b0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 17:29:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9h2RDEjS0b_W8-Ks9XsPkE9nL38XQGsvj5992V1EAyl4EiInzmON6-IQ7VqV5e_fp5yQbmqIivv3d_H1wCXfB0vmBBgvk823yEjuQ73hVavKBITY1rL85y_U0Z0EARRAJZfpjKtIRMmp3_fog1vy5r6_Ag4XgVMhv_QPbz98U1RIM9Y6avxp6J_mQm_jzNOqUHedSJleC2kE5OF4R42wwWVkggbnUQmBF4Ikw7PVlyYydGsabhsM5ASDVYvNJG8VqzrnuA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68744275
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F9F1 3 KB
1 KB 53ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:42:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F9F1 20 KB
8 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9F1 179 KB
56 KB 652ms
628ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:30:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6987 194 KB
59 KB 167ms
129ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCjAK02XPAAhoUzdKsIxYYmxCnjc9EQ&u=%7CItMEtweDVZYo9vklprE%2For9RlvRHNG5wUPZdPtaVPFo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qQzre0SMiMzBXXLixZxZXwizx8zN7_CUWkdN931Y1Yd6s_w4V0_O7X0OM5aKfMJIPgVGI1uYYXxpXATy42uOXLSG_cJgfEIG4SH_T2JacnA7U5jmdJJYkUEMt7W1N9sPFdwDN2hYjcysWddsE-Xs8kvYigb26dpSjEDiceDF_omc4i532aIlEfZiMgUg5EYmpSBGIpZTdxmiRw180qp9UzSUEjZfFZdcP592wUPy3rNcJjgtCqOIrfVD-TuDkhfkSHLwiZngPMg9ltK18raxiFKhjsamlmotVy8Alwh3BtrYm66_xpz4pqUOJ5aSDrkMWdaL766-Zh6Got5XYIZsPfE8xrACLg1WcxGspJY9ho6g1DYtN9B1KUHAHoXZzYEuBttfC5yJMy1OqNndXovATJT7knDulxqy65eSTXOipky1ASWNKFaV4A6yaP7IqiRgTd-T0rUV4vTEkTUuYX5QTCUbnYa9x5US_Em9MYIw2Uvj8qmmacbwDCntsI4JuseZXOjTXFNifPV5MWI_caWRrwKmy6HbQ9g-NJcmVxBanhM6xgy1qUdGzZs9Epbk5_hL-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIRkolnvSZLCULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM8BT9BZEQk0IYboUdfgCRZHhLvhoVIto5th0QrL_3OW-2pBJgdTtpzjXJ4Lf4qUV4BwarStSgjLSSpeCmpO1SP_LJtHpY7waLChPT46ZcM2uNlthWMYSu1kcchjfBMXSdVjrKaGbLIowhrFrhq54gYr3P-TPY6y0hl_LqjiIa8_nvqAOH8yqWX1EcdHuNw3hM6Bq6xXmXzHTwig2hQCribk-KhUtE_9sWyTM42QOdQZUNbZeXLHFWedxttRDtGI4GtIQDVziK9A0i1LiN-pIVNUgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MV14EToxkM2xKV-ISYZo2Z185HA%26client%3Dca-pub-1198592826613859%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a3810040c9020cc9be150c4f60d22ba20c058b6264a3f85612797b36640be667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 17:29:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8Temn0jS0b_W8-Ks5N_iy-OZK4G0iK_tcaI0K5RnodDCTm0rJ6MgCmZ7CN5i-xvDu8_kP2CKyJDKXjj8Q9B2RDcZiwRcaos4Nra10IE1nzPr8unR_lUSR8Jx5yZHOtxfmpvEYZX9ieYmewgnvKKXnj_yNRBPzzjBb5IM0ieUuWj4UoggL1oGCU5QOdxJ9EnpnzL4es7S3xfkSFHfDAO6i09lDQLuWkaN44tLqppY4z4ucWgomr31Hue6CAXp120qGMXy8g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 82917250
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 3FB7 3 KB
1 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:42:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 3FB7 20 KB
8 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FB7 179 KB
56 KB 623ms
618ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:30:00 GMT

GET
DATA 200
OK truncated
/ Frame 3FB7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1cd62e1ea62904c5e2fffd4787e850409670d05f6cf7060263ef5490900f9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B85A 2 KB
1 KB 74ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi4K02XPAAhoUwDWehvYiZKZd-qikw&u=%7CItMEtweDVZahPSDki%2F%2FRuiN8gqcRPomLbXcGIleK%2FE8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKWoBH8RVpwUFSIhZg2uUOx1yTKDwEf5tYcBUmXrvXHY1wUG7uETU87dPN0XdOKsxH1rndUx1OlELNzdynUWDcFsvkstP3YDpXqV3YsjvpZWlQ1rilRwIX0KPtvVzkgYa6XwJjHosUQ2Z0EwL8R4xlGTKA9CHWevYV_b5F_5CotB_YQK0k87sC04xXANsia6V0E_AXUWXCjAUFKZ23ZRVo0D_NDjbhekWsdRRsiBwY90IxWf6mlb-5Fg4etUZjattK9g4YaUCVKBORbHqp4znxL5v5nVwFSwyhQASjkLq3WlwgKkmsbQuCX49-p9x9_m3RCQaAvfs5nZXgY9TufxY51j-gmHUtEw585DgleOW-GMh_mRd1W96piP66VT2A_dWi_VDsyY3YVPe1ufxN8Xp5qEo2R95RAVwtLWhN64zBoXasEMEWLFsDjHR273P-pC-AxT22UbeH9Be8z3YwT9xSvhcG5vF0Jk46wEiYYx_awUVdzl-hF5A48cYJ5pfvR7cwcYj6VNACMNawLjhUsdGKSO9a5xEHcrrYsicQLeP2DkEMP7E2UmGlHt5EPMaOFrSxvABNLMrA_aDALzk9mH-Z8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqo9lnvSZK6ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9APVWGi2CZ0aRpKdzecQt9QQS-l8oHtGHHV78e6vpscenJrR7LEbpJgu2dGL6LhdEvPLKV87rUHjuuDFCWyVQNURpPQFFzhQtZvEly9dtrqqHF1AvZq2N1_bsWoUcQKh2AvRRm3vymCu9ZMFretEzgGZLWvXEkQyf77jHI5y7dLrrgRtXV8m4yFtO_Jqn3mePS4dkrpVEmos8lcBXcnLsAqrp37TN9gyEw4QvMnNkhTrvjmghTB423Igp-G8Nedn_JYARvAfueCQbe6oiCABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ao7RXfG-9Ke-VMHslngtlw1TXOQ%26client%3Dca-pub-1198592826613859%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B85A 2 KB
1 KB 75ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B85A 308 B
636 B 83ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B85A 293 B
621 B 73ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame B85A 43 B
347 B 77ms
19ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=NC97Q1pK7UNOzZVT8RZfYtdX4rBf3NJ3d7TOUNLnVUQuO5H4iO5d06kX5Gvcn_o9pNI1DPqIwUAUBqKnCQyAwMQxwCKQ1hhxZ1BKAd21MkXWGLUSQM8CxlbMW6BT70UxNisHWZC1SBHgzVQwZGCyiZkBgLYONRvFDJ4tWy9BAzthBv7ji7nQcP2MVVsRKUoJTnIZ4gKu3ymsIbPAb4PCWk4rK0QuOVkW63tYwoAJEJ_NBZF_eRjSlv_d2GIxsmu18R72vfc18eBbLus6kX2D8XPqfKbtIgy5URQFDQ-53lCNO7PFr7YfoE9K1ToeZ3FDprtLI3VEJXzpHHg5XSStSsbKJRhDgivCC2f4rAoPuRxnmg4nf1ldy6JrLoaOZwSmfoItQ6p6D1MemNCm8eknWoUDHT2AAoPwIqRli_okpxGzSsb0bbCxdtotn7tW2Zny86JWMqvkEZpvnOpS7M9foBIVeLo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2096693
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B85A 12 KB
5 KB 38ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1109966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIoJt1x0gDJJMFYtcEZnM3MUw6kzW18AzUH52AUNGFnTH6PS6Jjjw6YVWgdzigUeaC%2B6FXJsbSAyDziAKaUWBdxIW5xDCJ4OBHLtKuzG4M0K8fWhfaWT15IJ6x2E1Q%2BzWUiFtxPVfpbqqbvl7V7G8gE6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f397c13df259028-FRA
expires: Sun, 28 Jul 2024 17:29:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B85A 12 KB
6 KB 70ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8177 2 KB
1 KB 47ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCi8K02XPAAhoUzLz2wAGLmTJsxBo1w&u=%7CItMEtweDVZZaXzCAj8Ml45PfnnKnfdm5RZSv0%2FH5%2FKk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKUZhio9LhMlf4pMt-kZcJLezWJYfvp7vFbuVkW1kHWzcetg6JGx2gNnubj9sU8ETkKxWqfx4eWJY7PDbS8MEFLf3p7Gwnsdc9U2qBySysDMyboBVSSCSO0tqNU3q_BQ3f_NA9q3EMWmrcb2yYfpo83qpmnvwjLb0dPLTZlxR3tg2eRpctsXRBFXnVcVP_V9BYCBNmI5ofoPiwx6slItAnqbZfLtJoEHEXBPs0bqcMVizBbvIovPGUzxTti1BYEsSJuzukKZjdTcfoi6Og5jfB7CqX_JnvnqXd2LOqkHbiC3NSC56vY02bqjT0qgzkC517YZA-4EjnFrTDB1PwjFEyfXYyk9I3viE0JqCce3zHzAJsC1ITOeFy6f528_2dXmUZllLaNLSnieCum--ZRGwP4nJeJ-clq1WByY6wPJvObS0FWnb1y-j6IzzH-y5nxXZAVQnaGPb_j0XJr9c7f36ZPMjZKXyYQkEvL6hRFKAQ7EBsXAH9t1ANUmYpv-Y1EMdZZ1M8hlZNMx-1xgxikb9Ao1QfS846V4PZkig2WKYF_y7WYJSpXDImZT2mBjOyRiWUMxtY94qBPE4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jkOlnvSZK-ULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM4BT9CGvw2hf4d_u2DerIqLfEKAY37BQszpuyc9crQvfjTjgM_KU2mDKHNguCthZ054Ilvg8qLC3UoeYD01cuth0jE2wJkKpIi4nklTE-EmD20Vm8Lsi6Qb4Em8mC8zRFXD4C_q2Hf2gLYeAqIylJeTds2NG2yfPIGRCCRrvjZ8NrAATb_PqDSy1GcsdPU-x8qEwfjUyvZISitrvVC_QJCMywndzMH2BFxVhzjv2BvO22o98kwG3hckLz21sLe8ssObPpLEEGKeYzTLGiuKO92ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169kHAYGY38KAXOD9Vdl3xyjB36Q%26client%3Dca-pub-1198592826613859%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8177 2 KB
1 KB 63ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8177 308 B
636 B 58ms
29ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8177 293 B
621 B 45ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 8177 43 B
347 B 48ms
19ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5Q-6i1pK7UNOzZVT8RZfYtdX4rDP7sck_ddPaKeGzh_eXoVqcsWCB-j-QlTtz-mKv1M80cXz6lCDiM7sTjifIPBiG21v2GTBd0q-Xw-m1gqS8k_TVfa54mlCQ83Yoi5zrmIRt1ztg4z0APZfWnCMZWOyNoOLyH2H-Y5_Cc-KYjkT_gGnYjEQlvhGKKC5uJuzCja7tKu8seP8rKFhAz1YBg1zX4TJPowx1B9R1w0_r06wBjN6d6S-AxqQpOV-ylntmDzJ-Y_MpdO_2mW4FSQDDAg2D3gecKqStHKSn4hXQ-84WqIiGkpc-Y1aK25oQQhjVKb0HmrGewairTYMg5OcNJQ3L6AoogBa1YZfnDz3EoQ_VtR_kztRrzm8j-ljcNb-S9a8ECvbWPO84TopX3XXylQod-XKurrqc1D9TzdysXmG4HzoBczA3bkr-lPtMCqpQcb_7IzZqLQUbDz9MX_ueBOOIVo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1894866
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B85A 0
127 B 167ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mfL2gUjS0b_W8-Kso_PjbPbRhIE2zy7d9XJ5z2m744Pzxa7wNxAxtUGUTq1ZnI1Al40HWwPWq8xhvmOVkTTJxa5ZUsycot0qyXvAFMx1VpiNNoxOtMkoB71q94nlEYEMXeMmaoLXUef6DnNGzrujMuAZ7BasBDlRW-dk39FmzKFZRANP8S5kv3n4DlAMwMz1309vA2bt-b3ZguAoNsaqIPe6iZ0beGNJk8YU1_nOFPSsAbGNWKBZ0D3S3_aPXtK-W4S_oA&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 17:29:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B85A 2 KB
1 KB 57ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B85A 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8177 12 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1109966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcNTDZPtpWZyEKgggU3GxPRUVkoDrw4KvJFeFWWktkX7RKeQmjyVsSfSJwvt47bXgcpGEOGEJkWo66zndqTc01fN2PTWddj0%2BXGNQyhZCjC8RZZpQTMvQGnI9HLTYI8ITvdeEoBxCSUqddrl6dfonuwr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f397c13df2c9028-FRA
expires: Sun, 28 Jul 2024 17:29:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8177 12 KB
6 KB 51ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6987 2 KB
1 KB 41ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNJ7lgALCjAK02XPAAhoUzdKsIxYYmxCnjc9EQ&u=%7CItMEtweDVZYo9vklprE%2For9RlvRHNG5wUPZdPtaVPFo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qQzre0SMiMzBXXLixZxZXwizx8zN7_CUWkdN931Y1Yd6s_w4V0_O7X0OM5aKfMJIPgVGI1uYYXxpXATy42uOXLSG_cJgfEIG4SH_T2JacnA7U5jmdJJYkUEMt7W1N9sPFdwDN2hYjcysWddsE-Xs8kvYigb26dpSjEDiceDF_omc4i532aIlEfZiMgUg5EYmpSBGIpZTdxmiRw180qp9UzSUEjZfFZdcP592wUPy3rNcJjgtCqOIrfVD-TuDkhfkSHLwiZngPMg9ltK18raxiFKhjsamlmotVy8Alwh3BtrYm66_xpz4pqUOJ5aSDrkMWdaL766-Zh6Got5XYIZsPfE8xrACLg1WcxGspJY9ho6g1DYtN9B1KUHAHoXZzYEuBttfC5yJMy1OqNndXovATJT7knDulxqy65eSTXOipky1ASWNKFaV4A6yaP7IqiRgTd-T0rUV4vTEkTUuYX5QTCUbnYa9x5US_Em9MYIw2Uvj8qmmacbwDCntsI4JuseZXOjTXFNifPV5MWI_caWRrwKmy6HbQ9g-NJcmVxBanhM6xgy1qUdGzZs9Epbk5_hL-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIRkolnvSZLCULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBM8BT9BZEQk0IYboUdfgCRZHhLvhoVIto5th0QrL_3OW-2pBJgdTtpzjXJ4Lf4qUV4BwarStSgjLSSpeCmpO1SP_LJtHpY7waLChPT46ZcM2uNlthWMYSu1kcchjfBMXSdVjrKaGbLIowhrFrhq54gYr3P-TPY6y0hl_LqjiIa8_nvqAOH8yqWX1EcdHuNw3hM6Bq6xXmXzHTwig2hQCribk-KhUtE_9sWyTM42QOdQZUNbZeXLHFWedxttRDtGI4GtIQDVziK9A0i1LiN-pIVNUgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3MV14EToxkM2xKV-ISYZo2Z185HA%26client%3Dca-pub-1198592826613859%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6987 2 KB
1 KB 30ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6987 308 B
636 B 29ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6987 293 B
621 B 30ms
29ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 6987 43 B
348 B 19ms
18ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mYKLx3snO68UYrYiDu2RaQt1qcxhtvOuVGgwPwKymrGpCCIGGyQmswIFpzNTn306cXILQd9S2BfEDoLdLK7BlCq96RVNM7V7Y2jSrleJ1plw-0YgORjDVJCWEBuVcmEArXBicT-9cht7mKev4ZLU4IsDrDU6MAW6KH7oixBLbgRZ4x1x24xKge6Wn8-ECzBq8xtt0Ce7z7WqMt2IEa-cqeZFacg1-uaFoT0cKluX7TasZmc13UUzoFKVAIec0Ok69nerJ7ScRhlC0aQ_DxSdwEVttgjdz0yO3fB3dO3cd3aPToH-VCXashMZ52V6OusLHPc2InDvLl5AJqMqUAOC7te1t6HmtnSzhG-0SudhzQiebReWnmAloo62R0-IzvX1I6tai486Yu3bJLE9Y2ut6u2kJa9lgILL8m4MxSqqJE_BC83gLUIbBmhRlR7xQPMaXK571hHda97_Lo3aRm1L9CcF3q8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1705303
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8177 0
127 B 144ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9h2RDEjS0b_W8-Ks9XsPkE9nL38XQGsvj5992V1EAyl4EiInzmON6-IQ7VqV5e_fp5yQbmqIivv3d_H1wCXfB0vmBBgvk823yEjuQ73hVavKBITY1rL85y_U0Z0EARRAJZfpjKtIRMmp3_fog1vy5r6_Ag4XgVMhv_QPbz98U1RIM9Y6avxp6J_mQm_jzNOqUHedSJleC2kE5OF4R42wwWVkggbnUQmBF4Ikw7PVlyYydGsabhsM5ASDVYvNJG8VqzrnuA&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8177 2 KB
1 KB 35ms
28ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8177 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6987 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1109966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vcu630LQjwWzUDDMSSDXMZ66NFGV7B7gWQk0QfoCiWWV7BvAHNUOimkcRdHGF1myRcz5xwSXpmyGmySzDqr2WQh4xblXABZK%2FHeUZLxCDNJ36rrlfOaVDbrpgYUEav4vfv3FlpngnrxjZ8X636iFHnjf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f397c140f799028-FRA
expires: Sun, 28 Jul 2024 17:29:59 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 6987 38 KB
38 KB 68ms
41ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 6987 46 KB
46 KB 52ms
25ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6987 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 3 KB
4 KB 113ms
38ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=fh4-ZONnBdSnJWApyN4zFpvE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3552
expires: Tue, 30 Jul 2024 03:15:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 12 KB
12 KB 94ms
20ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17303619-06a8SJzT.jpg&v=3&w=800&s=NbAfDdZTQEYQ5WGt2j0RMN5K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d2e50cfe0f1c734e7763cd2f23eed60bd651806607bfc40338cb88a455cd54fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12268
expires: Sun, 13 Aug 2023 12:44:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 16 KB
17 KB 132ms
59ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1657196544%2F22140627-9iKYAyTD.jpg&v=3&w=800&s=OHx4dqndKGxV_mBYS4JL3zUG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

afbe9c0b4b5dd43f9c0c68185838211ac54d303acd52989a25fbec43538e2af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 16760
expires: Mon, 14 Aug 2023 16:26:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 16 KB
16 KB 111ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1603789048%2F14173759-wL6jBrH5.jpg&v=3&w=800&s=3KThF2QgcbJN-mos2BY8TV6Y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e040845c7ab244d08035f614cac12cc3573756c0589e9bfd2aec5a5118871e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 16184
expires: Thu, 10 Aug 2023 13:58:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 31 KB
31 KB 127ms
54ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1643923296%2F22023703-SEcF0vu3.jpg&v=3&w=800&s=IGY4WZ2jHyY4LFwZoc-ndXuM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da20d961ec456ac0bf3670a6b7943b989e76d24a7deade6d285c383ebeb90894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 31242
expires: Fri, 11 Aug 2023 04:28:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 20 KB
20 KB 126ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1624958249%2F21158096-8Frdwddd.jpg&v=3&w=800&s=V9tSLKaJA9BBwb-vN7s30b5Z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8cc80ef1382dab686c1c8b468cf35bec3e9c151a65be556b908f42a9e6bad986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 20476
expires: Tue, 15 Aug 2023 15:14:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 10 KB
10 KB 50ms
50ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17213415-Qucwi5uP.jpg&v=3&w=800&s=kuCnAfb-7_OmuhZQyaqvvIXP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

afed5088ef7aa7af85af56ed99fa3873c194312748c298b70c84136389faf866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9774
expires: Wed, 09 Aug 2023 19:15:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 12 KB
12 KB 50ms
49ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18070439-jDSN1l7M.jpg&v=3&w=800&s=4Ymhgk7NOfwNH7xeVDG0RinE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

770d84ddce702b4055cbd09eec5b71fb212dd4813865c060045e8854f8c2b9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11848
expires: Wed, 09 Aug 2023 22:29:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 14 KB
14 KB 53ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1654072438%2F22122815-GV2BUaYh.jpg&v=3&w=800&s=NaTJv-r2D38GlBlEqPxbCrzb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6460aef32518099b360de8f2f529ec5382d1a94961eab6ed94ef88fa2d55d51b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 14568
expires: Fri, 11 Aug 2023 07:37:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 17 KB
17 KB 59ms
59ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21076699-WOJLGXr8.jpg&v=3&w=800&s=8M6iwJimtkWpULdbdqcRqKca&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ba5f30077a32a89d7b859cab5a7c1a5866cc92a8ac4619dd214c34162c2b241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 17438
expires: Wed, 09 Aug 2023 19:38:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6987 36 KB
36 KB 60ms
59ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837262%2F56e404bad853466788e2ef1fcaf4edfd_img_horizontal_1.jpg&v=3&w=1200&s=RPwrtOh44doFnmKQwv2v2ygV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8da0f927bf4a5774c05eb64aec80a34cfbe3569cbe92879b76f2f2d11b5c02dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 36448
expires: Fri, 05 Jul 2024 13:42:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6987 0
128 B 29ms
18ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8Temn0jS0b_W8-Ks5N_iy-OZK4G0iK_tcaI0K5RnodDCTm0rJ6MgCmZ7CN5i-xvDu8_kP2CKyJDKXjj8Q9B2RDcZiwRcaos4Nra10IE1nzPr8unR_lUSR8Jx5yZHOtxfmpvEYZX9ieYmewgnvKKXnj_yNRBPzzjBb5IM0ieUuWj4UoggL1oGCU5QOdxJ9EnpnzL4es7S3xfkSFHfDAO6i09lDQLuWkaN44tLqppY4z4ucWgomr31Hue6CAXp120qGMXy8g&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 17:29:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6987 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6987 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame B85A 46 KB
46 KB 17ms
17ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 8177 46 KB
46 KB 16ms
16ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:29:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Aug 2024 17:29:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FB7 0
23 B 55ms
55ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1oNmlnvSZLCULM_LzQbT0KGYDMme0rFczeGS93DAjbcBEAEgAGCVkq6CtAeCARdjYS1wdWItMTE5ODU5MjgyNjYxMzg1OcgBCakCPWurWzxosj6oAwHIAwKqBMwBT9BZEQk0IYboUdfgCRZHhLvhoVIto5th0QrL_3OW-2pBJgdTtpzjXJ4Lf4qUV4BwarStSgjLSSpeCmpO1SP_LJtHpY7waLChPT46ZcM2uNlthWMYSu1kcchjfBMXSdVjrKaGbLIowhrFrhq54gYr3P-TPY6y0hl_LqjiIa8_nvqAOH8yqWX1EcdHuNw3hM6Bq6xXmXzHTwig2hQCribk-KhUtE_9sS6REh8XtkgK70rN2qL6s5-U0tHnBP-QYt-AfZOBN7FsyqjhDMwWgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExOTg1OTI4MjY2MTM4NTkYAA&sigh=IPTZdZ_Q0qc&uach_m=[UACH]&cid=CAQSGwBpAlJWT2fb4OMs9GF4DUhoR0A6OoLPqbe42hgB&cbvp=2&vis=1

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 17:30:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 17:30:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3FB7 0
126 B 147ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAA-m5FqAGOobcQlnvSZNlakClJCBhPOEIAABIAAAoKQVFVQkFRRUJBUQ&wp=ZNJ7lgALCjAK02XPAAhoUzdKsIxYYmxCnjc9EQ&cbvp=2

Requested by

Host: blog.xiaoz.org
URL: https://blog.xiaoz.org/archives/12863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:30:00 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 179937
server: Kestrel
content-length: 0

GET
H3 200 layer.js Show response
libs.xiaoz.top/layui/v2.5.4/lay/modules/ 22 KB
8 KB 876ms
876ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/lay/modules/layer.js
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5bb0fb4fb04ca3c56bead65dcd4bff40b328882c0e8d21cd7a594c4b01c2bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 7759
date: Tue, 08 Aug 2023 17:30:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct62 [4], xiangyix108 [2]
last-modified: Fri, 20 Mar 2020 09:35:43 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysv1ATYUP%2B3Q%2Bl3SEHNDGthlUKxL%2FboCBThqEnIHgzG84w7u14pJFZWi1wrhvSrPEf%2BoxaCI8LykYpoyJY0RR%2BGmXwO1Baja8RvumtiB9%2BR0vFTRuDWNMDlbfLKRBS5CiQ2rMNOPNejtXNR5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 07 Aug 2023 09:54:17 GMT
cf-ray: 7f397c1c4c009b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Mon, 14 Aug 2023 09:54:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FB7 42 B
64 B 150ms
121ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlvLnOj0uFc39p8phWlaTGbfqdAFR559px1S3UrCQuYKyPpQPtharuut-Q1W3GtnY04Zp3MEFwYLRKLkOzCLLCwjSrN2WuQmXXstU&sig=Cg0ArKJSzCinm6gJoU88EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=464,1001,1001,1001,1001&tos=464,537,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691515799406&rpt=730&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:30:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6987 0
127 B 17ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 17:30:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 layer.css
libs.xiaoz.top/layui/v2.5.4/css/modules/layer/default/ 14 KB
4 KB 23ms
23ms Stylesheet
text/css 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/css/modules/layer/default/layer.css?v=3.1.1
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c5b678a088dd4c3d38caeed26a47b2c78ff166cdaae19301c7b9b8c30359a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 2861
date: Tue, 08 Aug 2023 17:30:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260067
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct61 [2], suzix193 [2]
last-modified: Fri, 20 Mar 2020 09:35:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAftotR9di0UYBallefMayefRHJNGgB%2BSyVFWIpcvUKQwffyCfCFHuGDGe89tV%2BVrhr3HPPYtJ7yROoBo7eDy9QcxWqII7D0kI0HzxFlgw5v1rD7yUgfJk3CUaurkntiUbgNhSRnKrwtgaALVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Sat, 08 Jul 2023 03:30:31 GMT
cf-ray: 7f397c21cc1f9b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Sat, 15 Jul 2023 03:30:31 GMT

GET
H3 200 form.js Show response
libs.xiaoz.top/layui/v2.5.4/lay/modules/ 9 KB
4 KB 717ms
717ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/lay/modules/form.js
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eafa45f08c29969066f4650f96bfcb69ec7f30f0e9af59fd699ed31009390a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 3764
date: Tue, 08 Aug 2023 17:30:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct67 [4], bdix222 [2]
last-modified: Fri, 20 Mar 2020 09:35:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2SXrI9rWSjpptBUu2kkFN363W9YrwfQ4zLRgw524dZmIVYbQ%2BQ%2FMeb7gTBdEZZzkPG4Lcgl9TOovBxYIld1eXULy4v1bInLDA%2BHjCFw15lcYU0MLKSgIhy5zNw4Beutk7hyxx9mLwsKkvnmLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 10 Jul 2023 02:39:54 GMT
cf-ray: 7f397c21cc209b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Mon, 17 Jul 2023 02:39:54 GMT

GET
H3 200 element.js Show response
libs.xiaoz.top/layui/v2.5.4/lay/modules/ 7 KB
3 KB 722ms
722ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/lay/modules/element.js
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b30b3efa063ac879784adaaed2667e5347f7e101073dd0dcee0c8f2a4c5a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 2554
date: Tue, 08 Aug 2023 17:30:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct63 [4], cdix110 [4]
last-modified: Fri, 20 Mar 2020 09:35:44 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTlhs7ohC8H1irEtazVoE4xq1Rw5M8tm0R1f5rYTjHVLKzVD5p%2FurNWxYm6NAbsEU0jwhBNeBSfLGG7Lu%2FyTngjtx5BGrq%2BfeqKKx8UxawkQaHDGz6GQVG73xRaNoAU6v9jbWxl24GPb31cIuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Tue, 01 Aug 2023 07:40:28 GMT
cf-ray: 7f397c264a019b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Tue, 08 Aug 2023 07:40:28 GMT

GET
H3 200 carousel.js Show response
libs.xiaoz.top/layui/v2.5.4/lay/modules/ 4 KB
2 KB 658ms
657ms Script
text/javascript 2606:4700:3032::6815:ddd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.xiaoz.top/layui/v2.5.4/lay/modules/carousel.js
Requested by: Host: libs.xiaoz.top
URL: https://libs.xiaoz.top/layui/v2.5.4/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 399a574824e59db613fa8b3504652956fe8bc81d05c9d77bd30754b57be141af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.xiaoz.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ohc-file-size: 1394
date: Tue, 08 Aug 2023 17:30:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
ohc-cache-hit: suz2ct56 [2], csix83 [4]
last-modified: Fri, 20 Mar 2020 09:35:44 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO%2FP70flMxIog5rGQU0P0QBCeW6OhoIswF3M60Kt0s8aHG2p2Tk5vC2fA8wHEcu9KovfaIVkNzpuj7qnw82iQbi%2FLegnZULWj2d368%2B5Ex4YHLCxuMizDR%2BPOlt9QDx5hmIGRIVnHjoGUdiy0g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
cache-control: max-age=604800
access-control-allow-credentials: true
ohc-global-saved-time: Mon, 07 Aug 2023 03:31:18 GMT
cf-ray: 7f397c2ad85b9b46-FRA
access-control-allow-headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid
expires: Mon, 14 Aug 2023 03:31:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/44298dd91254f5209d5b43aeaca35367?s=64&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/d219af79b45e5891507fda4c4c2139a0?s=64&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/74242ff548975ef430c690678bd49615?s=64&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/456b7c3d43fe95972fb7dfa62bdefd61?s=48&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/d596fb032766fd458b70e3d8b06ab6ba?s=48&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/64f440991c5da52ccac850ba95ea3616?s=48&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/06ccdab9fbc3d817abf00c5c85f398ec?s=48&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/456b7c3d43fe95972fb7dfa62bdefd61?s=48&d=mm&r=g

Domain: gravatar.xiaoz.top
URL: https://gravatar.xiaoz.top/avatar/06ccdab9fbc3d817abf00c5c85f398ec?s=48&d=mm&r=g

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xiaoz.org/	1970-01-20 23:13:31	Name: __gads Value: ID=6ae037ec41442f34-22e206a34cde006e:T=1691515798:RT=1691515798:S=ALNI_Ma8uhlwy_t58njroaUvxkxQ3VQKdg
.xiaoz.org/	1970-01-20 23:13:31	Name: __gpi Value: UID=00000d89831041e8:T=1691515798:RT=1691515798:S=ALNI_MbQyR1W_JrYz1K-Wc1TWH5r1mDbwQ
.hm.baidu.com/	1970-01-20 23:27:55	Name: HMACCOUNT_BFESS Value: DF9D13A39CE60659
.blog.xiaoz.org/	1970-01-20 22:37:31	Name: Hm_lvt_122c65c6dbd2900393fe6646ed641194 Value: 1691515799
.blog.xiaoz.org/	1969-12-31 23:59:59	Name: Hm_lpvt_122c65c6dbd2900393fe6646ed641194 Value: 1691515799
.doubleclick.net/	1970-01-20 23:13:31	Name: IDE Value: AHWqTUnoE53M3NWioj_WYYoQvOUU19BUCGYGp3vixxquCDFvodUrUJc4TZmDxbxMUhU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
blog.xiaoz.org
cat.fr3.eu.criteo.com
cdn.xiaoz.top
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
gravatar.xiaoz.top
hm.baidu.com
imageproxy.eu.criteo.net
img.rss.ink
libs.xiaoz.top
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.nl3.eu.criteo.com
static.criteo.net
tj.rss.ink
tpc.googlesyndication.com
www.googletagservices.com
gravatar.xiaoz.top
103.235.46.191
154.22.123.129
178.250.7.9
2606:4700:3032::6815:ddd
2606:4700::6811:180e
2a00:1450:4001:808::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::4
42.192.153.76
61.170.79.234
66.90.106.250
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
06dfc51a36d963a96b478d90eae6172e708bfd9b800efa2399c0862fbe31d960
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ba5f30077a32a89d7b859cab5a7c1a5866cc92a8ac4619dd214c34162c2b241
172686c59f9ff470d9250477e8709a922d6bc83769edb3e23c4cc5d47d508381
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d1be63b64994a5d61624fb8111c64108bab0a1b94e9addce51d021750c3d555
2ee33a39ae58df490acf25fd8fe16738de1d72caa0f8db8813fdd26006450fb9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3333df840fd135b42dda93b763d5deea8df4d3e487650048b5be045229b10ef1
399a574824e59db613fa8b3504652956fe8bc81d05c9d77bd30754b57be141af
3adb1404bf05b268691f7037e71bc78fb8c3e5a5bc204db7e42644e69ab2f917
3caa63d64ebedf83b8ebcbf63f148d184d62668230356731ffd3338503115cdd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5c0a1663f1ca1784e528c6a6627f2ee89777825e956b42537b934aa47faa48c4
630ae1699c28db814e9ded2b95087c4e4f45d94d0083ef4b4930d7cdcc87cb54
6460aef32518099b360de8f2f529ec5382d1a94961eab6ed94ef88fa2d55d51b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
770d84ddce702b4055cbd09eec5b71fb212dd4813865c060045e8854f8c2b9ad
78fa2837133a985a2178a6ed7070a92dc9c9faad910d8a296397c86d74b037d5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d35e6b4b0504f83a8ebf8c9e4ee1b0c774befb0fd9e3e5bf440cfeb5a5a5402
8cc80ef1382dab686c1c8b468cf35bec3e9c151a65be556b908f42a9e6bad986
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8da0f927bf4a5774c05eb64aec80a34cfbe3569cbe92879b76f2f2d11b5c02dc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
93efac2252862450b1c9d90b036a92b4461cc6f7d402b35f9aefcc01496db896
96d7cce38db70e320ee5f5dee2c6d7624461b0179f677a60a8259e62e499b751
9eafa45f08c29969066f4650f96bfcb69ec7f30f0e9af59fd699ed31009390a8
9fb70cff785adef0e824b529458a8443d226a3411c0b0007cbef43c94245cc91
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f0de79bd79b30016cd7e3a56309f15f37cb302978a5009fd7f027d8c6ea249
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3810040c9020cc9be150c4f60d22ba20c058b6264a3f85612797b36640be667
a56b61d45fec45796145776c5cee0a6226aac7ddc5f11fd171361058296fbffd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a96bd7f62b2ecae7c48814d199559247bef02d030dd19bc93ccfdeb98aca3acb
afbe9c0b4b5dd43f9c0c68185838211ac54d303acd52989a25fbec43538e2af1
afed5088ef7aa7af85af56ed99fa3873c194312748c298b70c84136389faf866
b07d08299e486890f182e5b775e1146cdd43531aee7ba65667a581f0be11e165
c1cd62e1ea62904c5e2fffd4787e850409670d05f6cf7060263ef5490900f9ca
c89af0d0c3b73e860539fb84d5f72ca53f039b552edf24e08b6945793488b0b9
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22b71a1f7dad23e108bfcf516f6a92d77d1972e23661736df02492be9a1c888
d2e50cfe0f1c734e7763cd2f23eed60bd651806607bfc40338cb88a455cd54fe
d6a8c3962f79f9fe584f617aa9e48056ab93b21a9010bd2c2a8739654c3e1e5e
da20d961ec456ac0bf3670a6b7943b989e76d24a7deade6d285c383ebeb90894
dd833a037a47e1014297d59b494f285c5e4de96ff6ca5bd6d28da0f99e9398b4
e040845c7ab244d08035f614cac12cc3573756c0589e9bfd2aec5a5118871e99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c5b678a088dd4c3d38caeed26a47b2c78ff166cdaae19301c7b9b8c30359a9
ea5bb0fb4fb04ca3c56bead65dcd4bff40b328882c0e8d21cd7a594c4b01c2bc
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d2e5fc4d1e8b451ebc13e3212d588867e524a20b2f5a18506b516341b9190e
f2b30b3efa063ac879784adaaed2667e5347f7e101073dd0dcee0c8f2a4c5a68
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7ab278ff0df5b663c9c8575ac39ea8b64dc3d4bfe11c653ead83a33ec390c03
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

blog.xiaoz.org Open in urlscan Pro 154.22.123.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

92 %HTTPS

67 %IPv6

11 Domains

19 Subdomains

19 IPs

6 Countries

1600 kBTransfer

3259 kBSize

6 Cookies

19 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.xiaoz.org Open in urlscan Pro
154.22.123.129 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

92 %
HTTPS

67 %
IPv6

11
Domains

19
Subdomains

19
IPs

6
Countries

1600 kB
Transfer

3259 kB
Size

6
Cookies

108 HTTP transactions
1 data transactions