yzqjw.com Open in urlscan Pro
198.38.91.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://warwickblarney.mcconnellsofjonesboro.com/
Effective URL:
http://yzqjw.com/warwickblarney/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 16 via api (September 16th 2023, 1:10:50 pm UTC) from DE — Scanned from GB

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 73 HTTP transactions. The main IP is 198.38.91.55, located in United Kingdom and belongs to SERVERCENTRAL, US. The main domain is yzqjw.com.

This is the only time yzqjw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 24	198.38.91.55 198.38.91.55	23352 (SERVERCEN...) (SERVERCENTRAL)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	35.181.29.184 35.181.29.184	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
73	16

24 198.38.91.55 (United Kingdom) 7 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: mocha3034-web1.mochahost.com

warwickblarney.mcconnellsofjonesboro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yzqjw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.181.29.184 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-29-184.eu-west-3.compute.amazonaws.com

cs.mytheresa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mix-phoenix.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 660 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9832 csm.eu.criteo.net — Cisco Umbrella Rank: 9485	210 KB
23	yzqjw.com 6 redirects yzqjw.com	414 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152	226 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 47	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9400 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17123 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10535	62 KB
2	mytheresa.com 1 redirects cs.mytheresa.com — Cisco Umbrella Rank: 47165	2 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16331 c.statcounter.com — Cisco Umbrella Rank: 10650	15 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	5 KB
1	commander1.com 1 redirects mix-phoenix.commander1.com — Cisco Umbrella Rank: 111719	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	603 B
1	mcconnellsofjonesboro.com 1 redirects warwickblarney.mcconnellsofjonesboro.com	241 B
73	13

	Domain	Requested by
23	yzqjw.com	6 redirects yzqjw.com
19	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	yzqjw.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
2	cs.mytheresa.com	1 redirects ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	mix-phoenix.commander1.com	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	yzqjw.com
1	warwickblarney.mcconnellsofjonesboro.com	1 redirects
73	19

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://yzqjw.com/warwickblarney/
Frame ID: 38B36F927FFFC89E5BB9161ED40AFB0F
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: 4C95EEEA41570F0824DA71B8D97E07E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&h=90&slotname=3715867313&adk=512885590&adf=2252284331&pi=t.ma~as.3715867313&w=728&lmt=1662536058&format=728x90&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&wgl=1&dt=1694869839919&bpp=4&bdt=961&idt=226&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&correlator=5797910496969&frm=20&pv=2&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=N5FPaaB06k&p=http%3A//yzqjw.com&dtd=246
Frame ID: DA04D2EF078D08A41B4F1520E182C828
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&adk=1812271804&adf=3025194257&lmt=1662536058&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1694869839941&bpp=1&bdt=983&idt=232&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5797910496969&frm=20&pv=1&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: 8FB2D8B2F877F7C4BFC48E81E317C403
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQWpUAADN18I9k7jAAmRJuGlsYREybpvpktwJA&u=%7CSuqg17AgVfLHmbs607unef1hofkjDyIgs781pUhIZAY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862pY1b8XOk2r3uCCz7RDLP_nR8wsXpaWsW35pGjeD3R-zi-AJxUV2uTaGuAUd8eJlCqHGUg48ZuF4UkmX_6HanYBvPLe7jrpiMbr6fyZrMMxCntjOzoY7urdsb3Zy7ykvWH78-yIC2i8nFbhFhKvwKC97_DfEVSfFHyMr9SVS4XoVrB83DYompKlfxXXhROWk2ji-1g-eW0aQlHl8eVTckDizXxVTDp-6Akl78hIgR3hm2Tq4HUEjexYvPh-NeL0cot1iwfPd_YcYEfbqAB3OTe1J3BZ6jlxDO_g0IVw0JcaMoQJrvgvAZsNmV2tx4ukhKFqMpkqjhA4Jlzup90Y6NvYi-Ci9fwkGR0Fvov9GQUfmcH3YrCoco7-7d0t9jD2H6fHRMnpHr6eMR2sIE-8dukcKRE6VXso3Tbllz9LEvRiuKxcHg4Al8oAnSEiKmBDD79gED4rcXpmI1eevYL93QCSNTYvsumCkTiiN_Bnwg2nmJtDsT_CPPSHPqKyHkRE1QF09D1IlJ_-3hdPSXDFJIq0jtEyUBjy3KgnARUbIDhWVkOeN3G-fgMKvh56EbU9L322sYLeHXC_bugGffVkFTqfg3ZpHa-2Zw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgh7cUKkFZd_uDOOd2fcPpqKmuAfkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NDg3MTk0NzY4NzUxNDU1yAEJqQIQ_D4AhMa0PqgDAcgDAqoE7AFP0BLrtailIb_HB1sRv2VbGFM1EBxrIgReLSNEaQIdvx9k03riqWsKrKbXf3Qb3BOzPPGuBEW84wh0Aeq9t1nUGH-TrGQ8_9OiD53haeRgZKJlJlGmcrAAulRWMFyWlvVAw1RSiv3vG84aVN-wiO0IUCLcjgVTJtlcVtpUovXhCy-VvzU_zjhggcf7Gj0ejsUrKh0-NmXkefjvhxviR1mEV0zvgZjmiFKnKYcCBj9KZ1XFwrL7To4obq8DrpAiANW511uuvLtdVKlcQKdojy8xkyoaGDM5mBHbcc1fN6UJUGsIuiykL1c1JW0yRIAGsfj4n8jsn9lRoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0d58Z5WTLec5sxmp1epqDVsYf2GA%26client%3Dca-pub-9487194768751455%26adurl%3D
Frame ID: 84418131FCAF6703485CD9BD5A81817D
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23B03570FB65B948EC7B1CEA19BECC0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5723D473C59796954A3B40D29B7A470F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blarney Station

Page URL History Show full URLs

http://warwickblarney.mcconnellsofjonesboro.com/ HTTP 302
http://yzqjw.com/warwickblarney/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

75 %
HTTPS

73 %
IPv6

13
Domains

19
Subdomains

16
IPs

5
Countries

1008 kB
Transfer

1741 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://warwickblarney.mcconnellsofjonesboro.com/ HTTP 302
http://yzqjw.com/warwickblarney/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif

Request Chain 12

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png

Request Chain 13

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif

Request Chain 14

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png

Request Chain 15

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif

Request Chain 16

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif HTTP 301
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif

Request Chain 36

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1& HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=202309161510413168475094&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
yzqjw.com/warwickblarney/
Redirect Chain

http://warwickblarney.mcconnellsofjonesboro.com/
http://yzqjw.com/warwickblarney/

5 KB
5 KB

434ms
128ms

Document
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 887cf434238938e9a157481c689f5a43dc025ce8731883dbd09e9b7fa37ea671

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Length: 4909
Content-Type: text/html
Date: Sat, 16 Sep 2023 13:10:36 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 07 Sep 2022 08:34:18 GMT
Server: Apache
Upgrade: h2,h2c

Redirect headers

Connection: Keep-Alive
Content-Length: 216
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 16 Sep 2023 13:10:36 GMT
Keep-Alive: timeout=5, max=100
Location: http://yzqjw.com/warwickblarney/
Server: Apache

GET
H/1.1 200
OK banner-styles.css
yzqjw.com/warwickblarney/index/ 12 KB
12 KB 137ms
136ms Stylesheet
text/css 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/index/banner-styles.css
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: a8c29e9c30e8ef1170f7cd31b00c788916fee78696e3b3ded99a1f77062a1c71

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12080

GET
H/1.1 200
OK iconochive.css
yzqjw.com/warwickblarney/index/ 6 KB
6 KB 138ms
136ms Stylesheet
text/css 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/index/iconochive.css
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: bc2ff0a6b9cf9b088c61c1eefb303f3e9e592a66d37b699d751fcdfc1fcef560

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5825

GET
H/1.1 200
OK flexslider.css
yzqjw.com/warwickblarney/ 5 KB
5 KB 241ms
124ms Stylesheet
text/css 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/flexslider.css
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: b195d4decdee271cd55b415886a16d840aa9672a9daa5f55f7b1ac818ce98be7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4633

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
yzqjw.com/warwickblarney/ 92 KB
92 KB 248ms
131ms Script
application/javascript 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/jquery-1.7.1.min.js
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 93871

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
yzqjw.com/warwickblarney/ 42 KB
43 KB 246ms
130ms Script
application/javascript 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/jquery.flexslider-min.js
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43496

GET
H/1.1 200
OK styles.v68.css
yzqjw.com/warwickblarney/index/ 55 KB
56 KB 242ms
125ms Stylesheet
text/css 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 0fc9e9d565e2272fc503b5bd70a7ebef3a29185491f03f9ec6b12b90ff5f2af5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:36 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 56602

GET
H/1.1 200
OK 10b82fda29aa46ef15a5772092d57ffb.jpg
yzqjw.com/warwickblarney/imgs/sd/ 53 KB
53 KB 125ms
124ms Image
image/jpeg 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/warwickblarney/imgs/sd/10b82fda29aa46ef15a5772092d57ffb.jpg
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 991070b3b1e03bd666f6d0fcd5c4a6e06bb8bff10bf1b14d9d7d2c35c6dcd41d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Last-Modified: Sun, 06 Jun 2021 23:30:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 53803

GET
H/1.1 200
OK 200fb5ab67a8922ecc89b79ec8b08e12.jpg
yzqjw.com/warwickblarney/imgs/sd/ 45 KB
45 KB 134ms
133ms Image
image/jpeg 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/warwickblarney/imgs/sd/200fb5ab67a8922ecc89b79ec8b08e12.jpg
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 70ff2527a023a3fee40fd40721e2ad5692d4f6193b871b8c2bed5b9471266ac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Last-Modified: Sun, 06 Jun 2021 23:30:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 46345

GET
H/1.1 200
OK 897347f64a3bd4d4a0f440cada94228b.jpg
yzqjw.com/warwickblarney/imgs/sd/ 46 KB
46 KB 124ms
123ms Image
image/jpeg 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/warwickblarney/imgs/sd/897347f64a3bd4d4a0f440cada94228b.jpg
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 620a85f820eed60c043793e265dbec61b4cf285b0d1cb7c177988ec8a0d5922f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Last-Modified: Sun, 06 Jun 2021 23:30:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46750

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 245ms
141ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38908df054c04e62fabcffc0f3b8784493a0606b581a415e1be9e64fc4f364d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50703
x-xss-protection: 0
server: cafe
etag: 10825427769698331288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:10:39 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 105ms
42ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Sep 2023 17:27:07 GMT
server: cloudflare
age: 37561
etag: W/"650493eb-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 807959d1eb9c35fb-MAN
expires: Sat, 16 Sep 2023 14:44:38 GMT

GET
H/1.1

404
Not Found

header.gif
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif

925 B
925 B

3241ms
3118ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: 684eb00098751e20cc7e650df938c20784df41b6eda9101bac3fe457e1555d42

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:39 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

gradient.png
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png

925 B
925 B

2184ms
2184ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: 684eb00098751e20cc7e650df938c20784df41b6eda9101bac3fe457e1555d42

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:39 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

sidebar.gif
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif

12 KB
12 KB

2692ms
2692ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: 63a11b8e59e1c0f91ffb4c31ea09bf384b0ac8076ab3d0b568ab7ab115d6e283

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:39 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

header.png
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png

12 KB
12 KB

2646ms
2646ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: 63a11b8e59e1c0f91ffb4c31ea09bf384b0ac8076ab3d0b568ab7ab115d6e283

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:40 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

spot.gif
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif

7 KB
7 KB

2171ms
2170ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: df6d5e1b9a5bf0c6b8b4a6c164af1d13641fd87b0d455174c6993cc4aed46545

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:40 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

404
Not Found

spot2.gif
yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/
Redirect Chain

http://yzqjw.com/web/20170111033413im_/http://www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif
http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif

12 KB
12 KB

2674ms
2674ms

Image
text/html

198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/index/styles.v68.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache / PHP/7.4.33
Resource Hash: 63a11b8e59e1c0f91ffb4c31ea09bf384b0ac8076ab3d0b568ab7ab115d6e283

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/index/styles.v68.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:40 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://yzqjw.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Sat, 16 Sep 2023 13:10:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK arr.png
yzqjw.com/warwickblarney/images/ 2 KB
2 KB 2510ms
123ms Image
image/png 198.38.91.55
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yzqjw.com/warwickblarney/images/arr.png
Requested by: Host: yzqjw.com
URL: http://yzqjw.com/warwickblarney/flexslider.css
Protocol: HTTP/1.1
Server: 198.38.91.55 , United Kingdom, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: mocha3034-web1.mochahost.com
Software: Apache /
Resource Hash: 6feb3c93187f025ce24ccad4737597b8d90519ea7efb2c35b33e2aa766bac93d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/warwickblarney/flexslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sat, 16 Sep 2023 13:10:39 GMT
Last-Modified: Fri, 01 Jan 2021 19:17:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2185

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
566 B 174ms
160ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12543887&u1=7F6EC2BBE4E14F5BC44BAA9FB5D88A70&java=1&security=bcaf11d8&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//yzqjw.com/warwickblarney/&t=Blarney%20Station&invisible=1&sc_rum_e_s=1700&sc_rum_e_e=1708&sc_rum_f_s=0&sc_rum_f_e=1692&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://yzqjw.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 807959d25c8f35fb-MAN
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309130101/ 379 KB
129 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9487194768751455&plah=yzqjw.com&bust=31077909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6efa48a159cfa2d8919db958e8c927db75b5a85e92f75d25c30b016f625eefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131528
x-xss-protection: 0
server: cafe
etag: 7628269214878166207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:10:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 4C95 10 KB
5 KB 143ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yzqjw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 57859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 21:06:21 GMT
etag: 8554266389219770021
expires: Fri, 29 Sep 2023 21:06:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
603 B 180ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=yzqjw.com&callback=_gfp_s_&client=ca-pub-9487194768751455

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9487194768751455&plah=yzqjw.com&bust=31077909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4676da3fcee939f8636c3c587628d167ccc0070e0333bf02602eef0acdddeba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA04 34 KB
14 KB 252ms
251ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&h=90&slotname=3715867313&adk=512885590&adf=2252284331&pi=t.ma~as.3715867313&w=728&lmt=1662536058&format=728x90&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&wgl=1&dt=1694869839919&bpp=4&bdt=961&idt=226&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&correlator=5797910496969&frm=20&pv=2&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=N5FPaaB06k&p=http%3A//yzqjw.com&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46d40af0e540794d81b9b439d3f7f8d79ab145275024072c0a4521232092cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yzqjw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 13:10:40 GMT
expires: Sat, 16 Sep 2023 13:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FB2 0
180 B 55ms
54ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&adk=1812271804&adf=3025194257&lmt=1662536058&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1694869839941&bpp=1&bdt=983&idt=232&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5797910496969&frm=20&pv=1&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yzqjw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 13:10:40 GMT
expires: Sat, 16 Sep 2023 13:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8441 212 KB
61 KB 215ms
98ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQWpUAADN18I9k7jAAmRJuGlsYREybpvpktwJA&u=%7CSuqg17AgVfLHmbs607unef1hofkjDyIgs781pUhIZAY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862pY1b8XOk2r3uCCz7RDLP_nR8wsXpaWsW35pGjeD3R-zi-AJxUV2uTaGuAUd8eJlCqHGUg48ZuF4UkmX_6HanYBvPLe7jrpiMbr6fyZrMMxCntjOzoY7urdsb3Zy7ykvWH78-yIC2i8nFbhFhKvwKC97_DfEVSfFHyMr9SVS4XoVrB83DYompKlfxXXhROWk2ji-1g-eW0aQlHl8eVTckDizXxVTDp-6Akl78hIgR3hm2Tq4HUEjexYvPh-NeL0cot1iwfPd_YcYEfbqAB3OTe1J3BZ6jlxDO_g0IVw0JcaMoQJrvgvAZsNmV2tx4ukhKFqMpkqjhA4Jlzup90Y6NvYi-Ci9fwkGR0Fvov9GQUfmcH3YrCoco7-7d0t9jD2H6fHRMnpHr6eMR2sIE-8dukcKRE6VXso3Tbllz9LEvRiuKxcHg4Al8oAnSEiKmBDD79gED4rcXpmI1eevYL93QCSNTYvsumCkTiiN_Bnwg2nmJtDsT_CPPSHPqKyHkRE1QF09D1IlJ_-3hdPSXDFJIq0jtEyUBjy3KgnARUbIDhWVkOeN3G-fgMKvh56EbU9L322sYLeHXC_bugGffVkFTqfg3ZpHa-2Zw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgh7cUKkFZd_uDOOd2fcPpqKmuAfkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NDg3MTk0NzY4NzUxNDU1yAEJqQIQ_D4AhMa0PqgDAcgDAqoE7AFP0BLrtailIb_HB1sRv2VbGFM1EBxrIgReLSNEaQIdvx9k03riqWsKrKbXf3Qb3BOzPPGuBEW84wh0Aeq9t1nUGH-TrGQ8_9OiD53haeRgZKJlJlGmcrAAulRWMFyWlvVAw1RSiv3vG84aVN-wiO0IUCLcjgVTJtlcVtpUovXhCy-VvzU_zjhggcf7Gj0ejsUrKh0-NmXkefjvhxviR1mEV0zvgZjmiFKnKYcCBj9KZ1XFwrL7To4obq8DrpAiANW511uuvLtdVKlcQKdojy8xkyoaGDM5mBHbcc1fN6UJUGsIuiykL1c1JW0yRIAGsfj4n8jsn9lRoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0d58Z5WTLec5sxmp1epqDVsYf2GA%26client%3Dca-pub-9487194768751455%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&h=90&slotname=3715867313&adk=512885590&adf=2252284331&pi=t.ma~as.3715867313&w=728&lmt=1662536058&format=728x90&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&wgl=1&dt=1694869839919&bpp=4&bdt=961&idt=226&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&correlator=5797910496969&frm=20&pv=2&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=N5FPaaB06k&p=http%3A//yzqjw.com&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

478108782c9e48f7bb9a5ef27204bf0a314bcae4669006333b37adc28ecf9491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 13:10:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6C7t5JPvOHvyatC9DVt-9BGzsnvFjB97aGHoKFvPxWJS71WNPB5mmPrr3trpx1XUutzr9JIL9je5DfEnYKrDmz-U9N3rlwqCmefLMcYHEIv5PLYcf89VTsHf_laCK-kk6joBFWG69oRsLdgvgA8H67fPT3bx2u85eg-luYppb0igI44n0u3bFlEdr4Ksw3Z-cXFyQy1vk3nx-UlD_y3rbGjLhcbdhOUeDdAhbjFvYb6T0fF-s8-1nmfhbsdfAcwLyMjlJQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59187696
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame DA04 3 KB
1 KB 147ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 11:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 11:40:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame DA04 20 KB
8 KB 141ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 18:29:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA04 182 KB
57 KB 73ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:10:40 GMT

GET
DATA 200
OK truncated
/ Frame DA04 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a511f2ce1976be8308d983d17dfebf491527708a754adc9099e33e9ebe0d5e65

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DA04 0
23 B 86ms
86ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtzokUKkFZd_uDOOd2fcPpqKmuAfkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NDg3MTk0NzY4NzUxNDU1yAEJqQIQ_D4AhMa0PqgDAcgDAqoE6QFP0BLrtailIb_HB1sRv2VbGFM1EBxrIgReLSNEaQIdvx9k03riqWsKrKbXf3Qb3BOzPPGuBEW84wh0Aeq9t1nUGH-TrGQ8_9OiD53haeRgZKJlJlGmcrAAulRWMFyWlvVAw1RSiv3vG84aVN-wiO0IUCLcjgVTJtlcVtpUovXhCy-VvzU_zjhggcf7Gj0ejsUrKh0-NmXkefjvhxviR1mEV0zvgZjmiFKnKYcCBj9KZ1XFwrL7To4obq8DrpAiANW511vsvprPjQDfJDvr0pWL1qOIAxQzJBv1aRbRrMGV8dQWljRGhfVwrIAGsfj4n8jsn9lRoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0ODcxOTQ3Njg3NTE0NTUYAA&sigh=6I7Lkq2zsxs&uach_m=[UACH]&cid=CAQSGwBpAlJWH9O-YgwbtjY3B2W8yDAMgn7P-435_hgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&h=90&slotname=3715867313&adk=512885590&adf=2252284331&pi=t.ma~as.3715867313&w=728&lmt=1662536058&format=728x90&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&wgl=1&dt=1694869839919&bpp=4&bdt=961&idt=226&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&correlator=5797910496969&frm=20&pv=2&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=N5FPaaB06k&p=http%3A//yzqjw.com&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 16 Sep 2023 13:10:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Sep 2023 13:10:40 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame DA04 0
126 B 141ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMicF8qBMNgFWof6VxgCAAAARuG4JbOhk88QT6kFZSdiXzElFHmm1LkAABIAAAoKQVFVQkR3RUJEdw&wp=ZQWpUAADN18I9k7jAAmRJuGlsYREybpvpktwJA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158537
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8441 2 KB
1 KB 113ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQWpUAADN18I9k7jAAmRJuGlsYREybpvpktwJA&u=%7CSuqg17AgVfLHmbs607unef1hofkjDyIgs781pUhIZAY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862pY1b8XOk2r3uCCz7RDLP_nR8wsXpaWsW35pGjeD3R-zi-AJxUV2uTaGuAUd8eJlCqHGUg48ZuF4UkmX_6HanYBvPLe7jrpiMbr6fyZrMMxCntjOzoY7urdsb3Zy7ykvWH78-yIC2i8nFbhFhKvwKC97_DfEVSfFHyMr9SVS4XoVrB83DYompKlfxXXhROWk2ji-1g-eW0aQlHl8eVTckDizXxVTDp-6Akl78hIgR3hm2Tq4HUEjexYvPh-NeL0cot1iwfPd_YcYEfbqAB3OTe1J3BZ6jlxDO_g0IVw0JcaMoQJrvgvAZsNmV2tx4ukhKFqMpkqjhA4Jlzup90Y6NvYi-Ci9fwkGR0Fvov9GQUfmcH3YrCoco7-7d0t9jD2H6fHRMnpHr6eMR2sIE-8dukcKRE6VXso3Tbllz9LEvRiuKxcHg4Al8oAnSEiKmBDD79gED4rcXpmI1eevYL93QCSNTYvsumCkTiiN_Bnwg2nmJtDsT_CPPSHPqKyHkRE1QF09D1IlJ_-3hdPSXDFJIq0jtEyUBjy3KgnARUbIDhWVkOeN3G-fgMKvh56EbU9L322sYLeHXC_bugGffVkFTqfg3ZpHa-2Zw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgh7cUKkFZd_uDOOd2fcPpqKmuAfkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NDg3MTk0NzY4NzUxNDU1yAEJqQIQ_D4AhMa0PqgDAcgDAqoE7AFP0BLrtailIb_HB1sRv2VbGFM1EBxrIgReLSNEaQIdvx9k03riqWsKrKbXf3Qb3BOzPPGuBEW84wh0Aeq9t1nUGH-TrGQ8_9OiD53haeRgZKJlJlGmcrAAulRWMFyWlvVAw1RSiv3vG84aVN-wiO0IUCLcjgVTJtlcVtpUovXhCy-VvzU_zjhggcf7Gj0ejsUrKh0-NmXkefjvhxviR1mEV0zvgZjmiFKnKYcCBj9KZ1XFwrL7To4obq8DrpAiANW511uuvLtdVKlcQKdojy8xkyoaGDM5mBHbcc1fN6UJUGsIuiykL1c1JW0yRIAGsfj4n8jsn9lRoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0d58Z5WTLec5sxmp1epqDVsYf2GA%26client%3Dca-pub-9487194768751455%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8441 2 KB
1 KB 113ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8441 308 B
636 B 113ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8441 293 B
621 B 113ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8441 43 B
348 B 152ms
39ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=uiuRXmLOrrfwHXyposwUP2iCQ7gARFNDtQNy0A-dwxltI1BacoiIgdL1O-9DZ591xZrcLW97RFn8iwPRXfP128bMMn6gaYKq_4XvSe1QdqwROi7eU7WLnmIYV3F06S2BuS4_9Y90mHDrXAIr0MNo_sH-11clDn-Ole2B4zgW5AWwECsE5C9DMCIk5TOfmDS04NHHdFxzRbO6IHt2PaKvSzKkPqQgzoh__8X0DePEWwGklgnSTcfYaW4maHIggn0zb2ZGkMhNGzcsMszXeFD0nLp-q10s54aZLD8eLYV6S0vPZ7Ah8Lpj68Lh8Ef2-9j-0n--8rV8sbgV9TyuxkGASh9Qa5lPdh82rjmFia5xfpxzIBozvsjswnipD09mPJs84fIc9gQNwHrDp2MgrUUfIOQH7vRaywmY6oxw0OTkAX7B9-MLLNFaaQm3lH4-x5uAUQYeuMtYTfACuFmbY1EQxuif1DM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1696862
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame 8441
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=202309161510413168475094&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&

43 B
990 B

44ms
44ms

Image
image/gif

35.181.29.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=202309161510413168475094&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQWpUAADN18I9k7jAAmRJuGlsYREybpvpktwJA&u=%7CSuqg17AgVfLHmbs607unef1hofkjDyIgs781pUhIZAY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862pY1b8XOk2r3uCCz7RDLP_nR8wsXpaWsW35pGjeD3R-zi-AJxUV2uTaGuAUd8eJlCqHGUg48ZuF4UkmX_6HanYBvPLe7jrpiMbr6fyZrMMxCntjOzoY7urdsb3Zy7ykvWH78-yIC2i8nFbhFhKvwKC97_DfEVSfFHyMr9SVS4XoVrB83DYompKlfxXXhROWk2ji-1g-eW0aQlHl8eVTckDizXxVTDp-6Akl78hIgR3hm2Tq4HUEjexYvPh-NeL0cot1iwfPd_YcYEfbqAB3OTe1J3BZ6jlxDO_g0IVw0JcaMoQJrvgvAZsNmV2tx4ukhKFqMpkqjhA4Jlzup90Y6NvYi-Ci9fwkGR0Fvov9GQUfmcH3YrCoco7-7d0t9jD2H6fHRMnpHr6eMR2sIE-8dukcKRE6VXso3Tbllz9LEvRiuKxcHg4Al8oAnSEiKmBDD79gED4rcXpmI1eevYL93QCSNTYvsumCkTiiN_Bnwg2nmJtDsT_CPPSHPqKyHkRE1QF09D1IlJ_-3hdPSXDFJIq0jtEyUBjy3KgnARUbIDhWVkOeN3G-fgMKvh56EbU9L322sYLeHXC_bugGffVkFTqfg3ZpHa-2Zw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgh7cUKkFZd_uDOOd2fcPpqKmuAfkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NDg3MTk0NzY4NzUxNDU1yAEJqQIQ_D4AhMa0PqgDAcgDAqoE7AFP0BLrtailIb_HB1sRv2VbGFM1EBxrIgReLSNEaQIdvx9k03riqWsKrKbXf3Qb3BOzPPGuBEW84wh0Aeq9t1nUGH-TrGQ8_9OiD53haeRgZKJlJlGmcrAAulRWMFyWlvVAw1RSiv3vG84aVN-wiO0IUCLcjgVTJtlcVtpUovXhCy-VvzU_zjhggcf7Gj0ejsUrKh0-NmXkefjvhxviR1mEV0zvgZjmiFKnKYcCBj9KZ1XFwrL7To4obq8DrpAiANW511uuvLtdVKlcQKdojy8xkyoaGDM5mBHbcc1fN6UJUGsIuiykL1c1JW0yRIAGsfj4n8jsn9lRoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0d58Z5WTLec5sxmp1epqDVsYf2GA%26client%3Dca-pub-9487194768751455%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.29.184 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-29-184.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: private
date: Sat, 16 Sep 2023 13:10:41 GMT
content-encoding: gzip
server: web
transfer-encoding: chunked
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=486000, pre-check=486000
expires: Fri, 15 Dec 23 15:10:41 +0100

Redirect headers

pragma: private
date: Sat, 16 Sep 2023 13:10:41 GMT
server: web
transfer-encoding: chunked
content-type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=202309161510413168475094&tcs=3504&rand=6505a94fe1e87f4fdbc84e07ccb03e4a&chn=display_pro&src=criteo&cmp=criteo_gb&tarea=gb&ptyp=dynamic&gdpr=1&
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
expires: Fri, 15 Dec 23 15:10:41 +0100

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame 8441 16 KB
16 KB 148ms
74ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8441 12 KB
5 KB 111ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1885370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g317Wow5JdGMXVGriEss%2BPqkEraJjynCzcOQbqiq9uNMI2FqbvFxT12RqMMdiEUPpiAeCR9TsY3D7ySFIq0sD2miBJg%2F5vy2oNhwDA%2BC9dw2kHCg%2Ba13qnlLbHhl48zXvhChgegKy7eKrkY%2FcOq6xVdS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807959d8e9df45a0-LHR
expires: Thu, 05 Sep 2024 13:10:40 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8441 12 KB
6 KB 81ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 10 KB
10 KB 150ms
43ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=14984&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F14984%2F230404%2Fede8cd00951647e29d578f11eb846d58_horizontal%28with_claim%29.png&v=3&w=256&s=BLKChzV2PbSXI-nl6XY7e42W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a1a23be17fe4befeff2dc3605364acb9c2b728f0db2b5520eecf17f7b7ab23ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 10325
expires: Tue, 03 Sep 2024 08:04:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 8 KB
8 KB 180ms
73ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fff%2FP00396963.jpg&v=3&w=400&s=dtgy7VvfIa5AOASBp7kAFJvU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

51d9c4db985da022d17cc87de5d9ac39adeb108d1d6472a0abc174726c075d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=42278
content-length: 8204
expires: Sat, 16 Sep 2023 23:00:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 9 KB
9 KB 216ms
109ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fa9%2FP00815434.jpg&v=3&w=400&s=DM0Nyinl1pFj7-F70zvm0V_y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9d72fefaf1f469ab31914c6fe68388590c4f101af5edf12c8a45d28fa539b988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=38030
content-length: 9320
expires: Sat, 16 Sep 2023 14:44:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 7 KB
7 KB 213ms
106ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F88%2FP00430506.jpg&v=3&w=400&s=x_gPU9zIHCF594TeGyitzUx9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

93fc520a683579513536502a5feff3637e8f28b3b84fae113e54e6fa7750227b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 6800
expires: Sat, 16 Sep 2023 16:52:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 9 KB
9 KB 196ms
89ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F71%2FP00819870.jpg&v=3&w=400&s=ZywATDEunPG8bwm4SUwSCDtP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84dc947f58a7cbc62e8bc337c668fdc475d6e343bf334f6a82732c3f351ced7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 9498
expires: Sun, 17 Sep 2023 00:55:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 10 KB
10 KB 189ms
82ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fdb%2FP00850311.jpg&v=3&w=400&s=xs_THzGFvNI94sxrUR_SZ1jT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9adfa9a9d99d32994eb09069a0df5757905fa4b9ff42b1a0c365d474169b348f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=35015
content-length: 9756
expires: Sat, 16 Sep 2023 14:31:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 5 KB
5 KB 81ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F01%2FP00829770.jpg&v=3&w=400&s=Hvf0IEtB9Dga1XXoV6kpzEUk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

354d6a3379612af75b2b9be330bfe9a42ed1c7d19a134899aed99aab422063d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 5398
expires: Sat, 16 Sep 2023 23:44:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 15 KB
16 KB 87ms
85ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Ff0%2FP00627119.jpg&v=3&w=400&s=H2zD38ymZ-paA4zh3BBWDbKM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b06141c6983a8bfba476d1608df104998572cdc6ff3d3abf238ad694ff0e8f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=36748
content-length: 15866
expires: Sat, 16 Sep 2023 14:19:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 5 KB
5 KB 82ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F74%2FP00826381.jpg&v=3&w=400&s=mcW_yATjxRGqpb6-zC5LxYha&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5500e2fbc380384829818b478ac0ee2f186cca407d90c0f401b4962fbd92f208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=35607
content-length: 5044
expires: Sat, 16 Sep 2023 15:03:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 6 KB
7 KB 105ms
103ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fdb%2FP00834786.jpg&v=3&w=400&s=LL2z5UzswXqRHJfReBL6QBBi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d280fdde091054edc598e6b4f7aef8dcb791252c2761659cf7b530c1fc21fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 6600
expires: Sat, 16 Sep 2023 22:55:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 5 KB
5 KB 91ms
89ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F9e%2FP00846474.jpg&v=3&w=400&s=eIPCZcmCIHsHi5DCLWqo5VNy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6cce2a6ea9d9ac961797749715598378af61d35098174b85b3f745509c5e711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=34351
content-length: 4640
expires: Sat, 16 Sep 2023 22:36:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 12 KB
13 KB 95ms
93ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F86%2FP00857525.jpg&v=3&w=400&s=I56i_croj9o1VvKC6SyvQRSr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee01af7fb6745baca10bf212f1311962e705a1c153aa002413cd549a16b942aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 12750
expires: Sat, 16 Sep 2023 21:39:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 8 KB
8 KB 135ms
134ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fe4%2FP00803110.jpg&v=3&w=400&s=Ka-K5qgTW4RHIvAEiKVII7Ou&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d19ec1fb5c1d930e9abef01b09f68d89b9cff3d0a7c072725a63cf1d88ddc579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 8336
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 13 KB
13 KB 113ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F2b%2FP00842851.jpg&v=3&w=400&s=PoSWQyrAv2xGwY45GZDOSegb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14dc11e9b1ce9ae02678f9ca161c3522553be6931b4045ac76c24aa31125bcb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 13508
expires: Sat, 16 Sep 2023 22:00:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 2 KB
2 KB 109ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fe3%2FP00843260.jpg&v=3&w=400&s=Yu9m4-WfGp9Q7Vbu0T6kXE-d&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90c14988d4316ce3d839944a2a165367700891aadfd49ecc72230b18d8992bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=35193
content-length: 1954
expires: Sat, 16 Sep 2023 18:01:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 22 KB
22 KB 122ms
121ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fc5%2FP00764389.jpg&v=3&w=400&s=T_rJACsVPG5zAjyAVPZ73rw_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6976f66a0ecb0c76b1d1425e65f6fe5db58bec994f013dea88c3fc759612d307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 22024
expires: Sat, 16 Sep 2023 15:33:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 13 KB
13 KB 118ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F52%2FP00806052.jpg&v=3&w=400&s=2ocotYYPFo0c4CvdF8xk_TZr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

91e25da8327a68da6b99946fa57b85a02d7f93870b4afd7721f7474b8944a5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=34420
content-length: 13084
expires: Sat, 16 Sep 2023 14:40:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 8 KB
8 KB 129ms
127ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F3a%2FP00836315.jpg&v=3&w=400&s=JU0SmAeLEGP-J96E5w184euV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5580242d11894c6be4d048c394fbcfaec6c3459242b7a242b4102c18f108e55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=39442
content-length: 7878
expires: Sat, 16 Sep 2023 14:56:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8441 10 KB
11 KB 131ms
130ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=14984&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fc5%2FP00825056.jpg&v=3&w=400&s=SIMU5z8i7RJft72_exaXmzKt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

186c4b698713ee5d87944f72263e725fc184d11201d37ee3fbd9b96312819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=36522
content-length: 10688
expires: Sat, 16 Sep 2023 15:20:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8441 0
128 B 139ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6C7t5JPvOHvyatC9DVt-9BGzsnvFjB97aGHoKFvPxWJS71WNPB5mmPrr3trpx1XUutzr9JIL9je5DfEnYKrDmz-U9N3rlwqCmefLMcYHEIv5PLYcf89VTsHf_laCK-kk6joBFWG69oRsLdgvgA8H67fPT3bx2u85eg-luYppb0igI44n0u3bFlEdr4Ksw3Z-cXFyQy1vk3nx-UlD_y3rbGjLhcbdhOUeDdAhbjFvYb6T0fF-s8-1nmfhbsdfAcwLyMjlJQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Sep 2023 13:10:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8441 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8441 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:10:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA04 42 B
64 B 239ms
151ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT8zM4YJaCPheUi3FKaPZsq4gjpuaMgYI40yQKMZw3jgragi2Q7cz1EmbcyaVqGQacz6akzwNzzRHMBFOIRSWAEUSt1Rcc2isVJVki&sig=Cg0ArKJSzIeCMIkdFrgFEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=512885590&rs=2&la=0&cr=0&vs=4&r=v&rst=1694869840167&rpt=472&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8441 0
127 B 36ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Sep 2023 13:10:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 93ms
92ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

015e4e3306eae4d9295c9a9a1cc3fc82f8c9c25fe8cd743ab8f2678388675684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12038
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 13:10:45 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23B0 13 KB
5 KB 44ms
43ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yzqjw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 10613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 10:13:52 GMT
expires: Sun, 15 Sep 2024 10:13:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5723 829 B
1 KB 147ms
52ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d8d8a245b7e4da9d8b21256d022666c2dde7519e7e7677b1348b46d80321195

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iCLIcok4S76z3Cqe2tt-fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://yzqjw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-iCLIcok4S76z3Cqe2tt-fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 13:10:45 GMT
expires: Sat, 16 Sep 2023 13:10:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 23B0 37 KB
14 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 10:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Sep 2024 10:13:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5723 0
0 145ms
144ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=3287554509701709&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23B0 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TebCNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 231ms
231ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=3287554509701709&bg=!NTalNnnNAAbP3fMH7907ADQBe5WfOMQzqlk-3loSAsQk_qbiDN8zHQzAZow9ej05KHM7jItktHkQwEtnPbb5m1fyqJtAAgAAAFtSAAAACmgBBwoASYxVYZPpr_ixP8ms6_WmC83Jb4sEI7HSu34N6S4kFoLN7lqM4SsYRj9ZTu_BfyNtUc5sjCAhHLpKMlrHLR528hKSswsDortGF7GZAuPX39thyPJJHM1QmHZyHKnlLEm3C_03zxZtsiiuN46gAjiLHeGqSXA0ahYRWUluQRLNQRyzkoU851F_zf1eX3_qHy3tzSK0bIKou0PAzGDIJl8JESKt_Q9PbW2s8CTir1hRbeqqhm6mO-dxO3O-27c2T7a8bLfeYt3lxJ-buSxnKvj6XHalat9pitD37Xme_Uq2Jquqfa9VcrnUzIC_oLUGueTcjuN58THMCunn8proYY2af-nM64IIeVd483A7NBrjNfJwVPgz0LnZgdy5rgRc447_KLaPWOB662Iyi3LNH4JowMzQe2ljX4tA6bbZ8IrZqONNe6ata2vz4Nx6IwWz0Em438nRJlalSLyHl4y4ivAPpS6clgfs8d-4e9ybgF-xnaw7qsk7okpy20UyyiQfUm5ldqbmQ8bNW3WqUllWr6CKROAbUj7YzqbHERpsT7jZYDMQCvQwM74UacvsH2xANWAytc0Alqhp8DIIUESo4xwg8gqEmvYmLTxNU6Iwt9GLgD5YxVk9g3h2HzkRG_Iu6bajFgArsVKDVVBp7mHipZ4c_xyZsk3KWLu-grWr3aoSiDZkK4MfJqEKJeOLlQY3rD6iVZoRTyquwEFeaDSFpug12NPQiaRYrYuqdGlTle2XG2APovBEUA0Gw--2slY2ncE5clj-RzNy2rXVxgfxPeeXqhdEEB4AfInNNmCRi3SUE5eP0o8RCBTHnihSwUtBVIQXALBdWTCEd0SEZFgId6-5Mizf6r4Tku4CFKO0A8-d0XQINZokiz2YcMXmJrJPGdTbZxSHHTICk48t70B5mYRfjH7lVd2wzoWhijYL9J29Jvs26p9oCX0mkbiZqJsl1Yxm6hUA29M64gSPZPALfaEuMXhCWU56mvFzK5pYOerJmQneY5kODqPSOEq1l9-HG62U7l6kueJaxk_74errrrNDWh5JwfQbkQXnxVBwF47Z9-syJCWmgP2L1Qwazfj5Fwuz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://yzqjw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 8441 0
127 B 37ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Sep 2023 13:10:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yzqjw.com/	1970-01-21 00:23:49	Name: sc_is_visitor_unique Value: rx12543887.1694869840.7F6EC2BBE4E14F5BC44BAA9FB5D88A70.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 00:23:49	Name: is_unique Value: sc12543887.1694869839.0
.statcounter.com/	1970-01-21 00:23:49	Name: is_visitor_unique Value: 1694869839124450961
.yzqjw.com/	1970-01-21 00:09:25	Name: __gads Value: ID=d7e9fbb32e758df7-2231fc5ae9e3001c:T=1694869840:RT=1694869840:S=ALNI_MYm-S13ouiVkF2QyUfMFCMiaIluNA
.yzqjw.com/	1970-01-21 00:09:25	Name: __gpi Value: UID=00000c76487cca90:T=1694869840:RT=1694869840:S=ALNI_MZhJzhceOMmJ5jnSh90LgBfwe3G8w
.doubleclick.net/	1970-01-21 00:09:25	Name: IDE Value: AHWqTUkxugxTcNoy1xjrVS3sAqUinaQ5DHypQzVBxhF5jzZLfAJquUwtc-mGXkyEZ3Q
.mytheresa.com/	1970-01-20 23:33:25	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay%22%7C
.mytheresa.com/	1969-12-31 23:59:59	Name: TC_CHECK_COOKIES_SUPPORT Value: 1
.mix-phoenix.commander1.com/	1970-01-20 23:33:25	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSNRPSRNKJJJZZZpc_q
.mix-phoenix.commander1.com/	1970-01-20 23:33:25	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay%22%7C
.commander1.com/	1970-01-20 23:33:25	Name: TCID Value: 202309161510413168475094
.mytheresa.com/	1970-01-20 23:33:25	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSNRPSRNKJJJZZZpc_q
.mytheresa.com/	1970-01-20 23:33:25	Name: CAID Value: 202309161510413168475094

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9487194768751455&output=html&h=90&slotname=3715867313&adk=512885590&adf=2252284331&pi=t.ma~as.3715867313&w=728&lmt=1662536058&format=728x90&url=http%3A%2F%2Fyzqjw.com%2Fwarwickblarney%2F&wgl=1&dt=1694869839919&bpp=4&bdt=961&idt=226&shv=r20230913&mjsv=m202309130101&ptt=9&saldr=aa&abxe=1&correlator=5797910496969&frm=20&pv=2&ga_vid=797531372.1694869840&ga_sid=1694869840&ga_hid=1189770603&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077698%2C44795921%2C31077909&oid=2&pvsid=3287554509701709&tmod=1603200724&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=N5FPaaB06k&p=http%3A//yzqjw.com&dtd=246 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/gradient.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/sidebar.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/header.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://yzqjw.com/web/20170111033413im_/http:/www.topekadentalclinic.com/wp-content/themes/clickbump/styles/velocity/spot2.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
c.statcounter.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cs.mytheresa.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
mix-phoenix.commander1.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
warwickblarney.mcconnellsofjonesboro.com
www.google.com
www.googletagservices.com
www.statcounter.com
yzqjw.com
104.20.219.77
178.250.1.6
198.38.91.55
2606:4700::6811:190e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
35.181.29.184
015e4e3306eae4d9295c9a9a1cc3fc82f8c9c25fe8cd743ab8f2678388675684
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0d8d8a245b7e4da9d8b21256d022666c2dde7519e7e7677b1348b46d80321195
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
0fc9e9d565e2272fc503b5bd70a7ebef3a29185491f03f9ec6b12b90ff5f2af5
14dc11e9b1ce9ae02678f9ca161c3522553be6931b4045ac76c24aa31125bcb2
186c4b698713ee5d87944f72263e725fc184d11201d37ee3fbd9b96312819a36
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
354d6a3379612af75b2b9be330bfe9a42ed1c7d19a134899aed99aab422063d8
38908df054c04e62fabcffc0f3b8784493a0606b581a415e1be9e64fc4f364d4
4676da3fcee939f8636c3c587628d167ccc0070e0333bf02602eef0acdddeba4
46d40af0e540794d81b9b439d3f7f8d79ab145275024072c0a4521232092cc38
478108782c9e48f7bb9a5ef27204bf0a314bcae4669006333b37adc28ecf9491
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d9c4db985da022d17cc87de5d9ac39adeb108d1d6472a0abc174726c075d9d
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
5500e2fbc380384829818b478ac0ee2f186cca407d90c0f401b4962fbd92f208
5580242d11894c6be4d048c394fbcfaec6c3459242b7a242b4102c18f108e55f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620a85f820eed60c043793e265dbec61b4cf285b0d1cb7c177988ec8a0d5922f
63a11b8e59e1c0f91ffb4c31ea09bf384b0ac8076ab3d0b568ab7ab115d6e283
684eb00098751e20cc7e650df938c20784df41b6eda9101bac3fe457e1555d42
6976f66a0ecb0c76b1d1425e65f6fe5db58bec994f013dea88c3fc759612d307
6feb3c93187f025ce24ccad4737597b8d90519ea7efb2c35b33e2aa766bac93d
70ff2527a023a3fee40fd40721e2ad5692d4f6193b871b8c2bed5b9471266ac1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
84dc947f58a7cbc62e8bc337c668fdc475d6e343bf334f6a82732c3f351ced7e
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f
887cf434238938e9a157481c689f5a43dc025ce8731883dbd09e9b7fa37ea671
8d280fdde091054edc598e6b4f7aef8dcb791252c2761659cf7b530c1fc21fa2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c14988d4316ce3d839944a2a165367700891aadfd49ecc72230b18d8992bdb
91e25da8327a68da6b99946fa57b85a02d7f93870b4afd7721f7474b8944a5c9
93fc520a683579513536502a5feff3637e8f28b3b84fae113e54e6fa7750227b
991070b3b1e03bd666f6d0fcd5c4a6e06bb8bff10bf1b14d9d7d2c35c6dcd41d
9adfa9a9d99d32994eb09069a0df5757905fa4b9ff42b1a0c365d474169b348f
9d72fefaf1f469ab31914c6fe68388590c4f101af5edf12c8a45d28fa539b988
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a23be17fe4befeff2dc3605364acb9c2b728f0db2b5520eecf17f7b7ab23ca
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a511f2ce1976be8308d983d17dfebf491527708a754adc9099e33e9ebe0d5e65
a6efa48a159cfa2d8919db958e8c927db75b5a85e92f75d25c30b016f625eefa
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8c29e9c30e8ef1170f7cd31b00c788916fee78696e3b3ded99a1f77062a1c71
b06141c6983a8bfba476d1608df104998572cdc6ff3d3abf238ad694ff0e8f6d
b195d4decdee271cd55b415886a16d840aa9672a9daa5f55f7b1ac818ce98be7
bc2ff0a6b9cf9b088c61c1eefb303f3e9e592a66d37b699d751fcdfc1fcef560
c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb
d19ec1fb5c1d930e9abef01b09f68d89b9cff3d0a7c072725a63cf1d88ddc579
df6d5e1b9a5bf0c6b8b4a6c164af1d13641fd87b0d455174c6993cc4aed46545
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ee01af7fb6745baca10bf212f1311962e705a1c153aa002413cd549a16b942aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cce2a6ea9d9ac961797749715598378af61d35098174b85b3f745509c5e711
f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

yzqjw.com Open in urlscan Pro 198.38.91.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

75 %HTTPS

73 %IPv6

13 Domains

19 Subdomains

16 IPs

5 Countries

1008 kBTransfer

1741 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yzqjw.com Open in urlscan Pro
198.38.91.55 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

75 %
HTTPS

73 %
IPv6

13
Domains

19
Subdomains

16
IPs

5
Countries

1008 kB
Transfer

1741 kB
Size

13
Cookies

73 HTTP transactions
1 data transactions