caraprint.blogspot.com Open in urlscan Pro
2607:f8b0:4006:824::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://caraprint.blogspot.com/
Submission: On August 21 via api (August 21st 2023, 8:39:25 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 10 domains to perform 49 HTTP transactions. The main IP is 2607:f8b0:4006:824::2001, located in Stony Point, United States and belongs to GOOGLE, US. The main domain is caraprint.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on July 31st 2023. Valid for: 3 months.

This is the only time caraprint.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2001	() ()
1	2620:100:a001... 2620:100:a001::24	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	() ()
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	() ()
8	2620:100:a001::4 2620:100:a001::4	() ()
1	74.119.119.147 74.119.119.147	() ()
1	2606:4700::68... 2606:4700::6811:180e	() ()
12	2620:100:a001::9 2620:100:a001::9	() ()
1	2620:100:a001... 2620:100:a001::16	() ()
1	2620:100:a001::3 2620:100:a001::3	() ()
49	17

1 2607:f8b0:4006:824::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

caraprint.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2001 (None, )

ASN- ()

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (None, )

ASN- ()

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:a001::4 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (None, )

ASN- ()

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:100:a001::9 (None, )

ASN- ()

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (None, )

ASN- ()

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (None, )

ASN- ()

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	criteo.net static.criteo.net imageproxy.us.criteo.net csm.us.criteo.net	183 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	281 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	28 KB
3	criteo.com ads.us.criteo.com cat.va.us.criteo.com rtb.va.us.criteo.com	48 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	blogspot.com caraprint.blogspot.com 4.bp.blogspot.com	154 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	google.com www.google.com	1 KB
1	googletagservices.com www.googletagservices.com	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244	605 B
49	10

	Domain	Requested by
12	imageproxy.us.criteo.net	ads.us.criteo.com
8	static.criteo.net	ads.us.criteo.com
7	pagead2.googlesyndication.com	caraprint.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	caraprint.blogspot.com
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	csm.us.criteo.net	ads.us.criteo.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	4.bp.blogspot.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	caraprint.blogspot.com
49	16

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://caraprint.blogspot.com/
Frame ID: CB64569F95C19A2B7949DD690D2B2E57
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: 420B6E1A854B76544D8E9DA43545E718
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&adk=3953984709&adf=2873229911&lmt=1692508417&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcaraprint.blogspot.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692650349090&bpp=42&bdt=1443&idt=452&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=834972403937&frm=20&pv=2&ga_vid=1308975259.1692650351&ga_sid=1692650351&ga_hid=194712719&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077091%2C31077148%2C31076997%2C31077159%2C21065725&oid=2&pvsid=3711376801407383&tmod=399679448&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1630
Frame ID: 295F2E934B30BDF3A57B696F309622BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 203C9A0725F785070E543C1352567F1B
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPLbgAORukKn4iMAAlrjCZt64tIJ6IHWtd5zQ&u=%7C%2BmoIH5sHvdkJj1NK6FvHyLdzfowhajeJGjhKkA%2F2Tro%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12h6pdX6s0NNxMs-9f_o4dHHwFWWJoUDnwTDqfOZjDpA-T9UKvsBZLnoDTw6Tan3epOB4VMZclwdseaDfHrlq31YEr-cCK0GsCCQUaI2uvGIQUDuXPeNBP0_0CUuLD6uW_1NtzMo2VdpCaDFThpT5JWSfpPFGUXtJ5uPpYAhp7fUkBJfTSr5gLIver7qmKz2fEoFknpap4I8_nqBcTIIjd9u7OwO34lOHWuvnmt7V3b_Z0q9Tip2eIOr5coxeSFihi-zb4ubUE1-_mop8-fBpATrlwX79aHuYCGiUSihbXpH1FKlv4qzZVIKT3PHZgaG4b3x3_OIQvjikSrqknyJIjYruLjwCnyWeAIAQqpitoMsb9RaApYEdnJmLVIhB6r2SNgrctuIFuPtKJu4uNyCiOIxTzQuD83knULFaoh1ItL0X_ENMSXIZopciKnAavwerNOfnp1TmKg1W2gEdV8pbKu6bSUkRejRAJPgWVTD6eB8jIrEShROJtL4I30BUHVwUj0Rfygr6DihFqljv7rtYAHmXVnIiJBds6g8VBrx50FG5SlONpCDWw1fSMOGT7zFXGiOpL8KrVAhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4M6BbsvjZOmNOYyR_gSM16WQDJyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi03MTQ5NDU2ODQ1NDcxNTk2yAEJqAMByAMCqgTyAU_QeyhnhJBBA54c9vFoE4vY7RQ4SsqRTnieGCZCSZG0dvoVzTnFrfw_s3D__f2zEhK6UwG48iR0AdHnKx4u5c76u0frf7d646B_u52JAdspYg6wW_-DjHPqKqRwK6rBKvEqGbBIfBOQFePz2D-iFjgd3uhcu8saOTkRqcZ5yX0u56h0ArhQe7VhUWmcRclCaV5k4qidmnzTvhKJ55qNolQyQpZJnEphqob9XE-eotoMhZ9a4htH62W_Ub1iy1sBo3OWNIaGHn3pcxZ7ugwVPHSdINOV_J1_O6O0QV08GJRZsY2rCZVvehgE8F-91un-h8_DgAaB9d7T_P7zqVCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Tvq121fwwF7Rwl1fuZ-HyTxCoww%26client%3Dca-pub-7149456845471596%26adurl%3D
Frame ID: 8A25CF153C97778A1E17365FBADD4CCB
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCC54FAADD3D02CADB330589A9EE833B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C16D887EDE6FA1507C81E8107FFE8118
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

49
Requests

96 %
HTTPS

94 %
IPv6

10
Domains

16
Subdomains

17
IPs

1
Countries

790 kB
Transfer

2226 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
caraprint.blogspot.com/ 731 KB
86 KB 935ms
742ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://caraprint.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f54097dcd5b11e81eb2e218cc74486fa299aaa77d8719e960b1103f1c191556a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 87554
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 20:39:07 GMT
etag: W/"8c0154560c7c71c0d5a6c62d2ed09a8b4831e955b73c52f7fa5db683193b55f7"
expires: Mon, 21 Aug 2023 20:39:07 GMT
last-modified: Sat, 19 Aug 2023 19:13:37 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 262ms
98ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Requested by

Host: caraprint.blogspot.com
URL: https://caraprint.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a362f0f4e8a74981f83e9dbad997ba1791af6f74425625b5db0452b505ee215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Origin: https://caraprint.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50957
x-xss-protection: 0
server: cafe
etag: 17546773855901617028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 20:39:07 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 287ms
95ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: caraprint.blogspot.com
URL: https://caraprint.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Origin: https://caraprint.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:50:56 GMT
x-content-type-options: nosniff
age: 215292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16056
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 00:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:50:56 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ 16 KB
16 KB 301ms
116ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: caraprint.blogspot.com
URL: https://caraprint.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Origin: https://caraprint.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 20:14:25 GMT
x-content-type-options: nosniff
age: 347083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16180
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 23:50:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 20:14:25 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 240ms
113ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37cd45164bda322f25544177c38fa60f1afcc6dfa2c52809d37f01e08c8715a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134689
x-xss-protection: 0
server: cafe
etag: 13915295820253284882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 20:39:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame 420B 10 KB
5 KB 209ms
62ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7149456845471596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 19:34:29 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 19:34:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 260ms
108ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=caraprint.blogspot.com&callback=_gfp_s_&client=ca-pub-7149456845471596

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdff6f7e4cda584673c7565970d4489fd5b81befaed2937ffeb99774e372cdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 295F 56 KB
18 KB 449ms
434ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149456845471596&output=html&adk=3953984709&adf=2873229911&lmt=1692508417&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcaraprint.blogspot.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692650349090&bpp=42&bdt=1443&idt=452&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=834972403937&frm=20&pv=2&ga_vid=1308975259.1692650351&ga_sid=1692650351&ga_hid=194712719&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077091%2C31077148%2C31076997%2C31077159%2C21065725&oid=2&pvsid=3711376801407383&tmod=399679448&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1630

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7017b7cb3bd4164c4d280141a70283edd66b11565eb48ff2a3111defc9e8ab6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:39:11 GMT
expires: Mon, 21 Aug 2023 20:39:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 154ms
95ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539170a62c56015e2751dde62bb6789cb4f28d5a1391b03afdf494490f9fa5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11606
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 154 KB
52 KB 231ms
179ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/reactive_library_fy2021.js?bust=31077159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32d6568ca239e41015ba79810bacac7df293b68a521cc3d6e8e2ea49122b0aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53666
x-xss-protection: 0
server: cafe
etag: 5864404391651748084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 20:39:11 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 351ms
165ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:39:12 GMT

GET
H2 200 Foto%2Bsalah%2Bsatu%2Bsituasi%2BKongres%2BJong%2BJava.jpg
4.bp.blogspot.com/-yqS_aX5PN84/W6miPk-lIJI/AAAAAAAAF1s/9KaHXVcp3SgERVksTmC32m13HnfYeihZACLcBGAs/w600-h300-p-k-no-nu/ 68 KB
69 KB 571ms
296ms Image
image/jpeg 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-yqS_aX5PN84/W6miPk-lIJI/AAAAAAAAF1s/9KaHXVcp3SgERVksTmC32m13HnfYeihZACLcBGAs/w600-h300-p-k-no-nu/Foto%2Bsalah%2Bsatu%2Bsituasi%2BKongres%2BJong%2BJava.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://caraprint.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v175c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Foto salah satu situasi Kongres Jong Java.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69852
x-xss-protection: 0
expires: Tue, 22 Aug 2023 20:39:12 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 203C 10 KB
4 KB 85ms
69ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_fy2021.js?bust=31077159

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:56:57 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 20:56:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php
ads.us.criteo.com/delivery/r/ Frame 8A25 140 KB
47 KB 525ms
138ms Document
text/html 2620:100:a001::24

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPLbgAORukKn4iMAAlrjCZt64tIJ6IHWtd5zQ&u=%7C%2BmoIH5sHvdkJj1NK6FvHyLdzfowhajeJGjhKkA%2F2Tro%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12h6pdX6s0NNxMs-9f_o4dHHwFWWJoUDnwTDqfOZjDpA-T9UKvsBZLnoDTw6Tan3epOB4VMZclwdseaDfHrlq31YEr-cCK0GsCCQUaI2uvGIQUDuXPeNBP0_0CUuLD6uW_1NtzMo2VdpCaDFThpT5JWSfpPFGUXtJ5uPpYAhp7fUkBJfTSr5gLIver7qmKz2fEoFknpap4I8_nqBcTIIjd9u7OwO34lOHWuvnmt7V3b_Z0q9Tip2eIOr5coxeSFihi-zb4ubUE1-_mop8-fBpATrlwX79aHuYCGiUSihbXpH1FKlv4qzZVIKT3PHZgaG4b3x3_OIQvjikSrqknyJIjYruLjwCnyWeAIAQqpitoMsb9RaApYEdnJmLVIhB6r2SNgrctuIFuPtKJu4uNyCiOIxTzQuD83knULFaoh1ItL0X_ENMSXIZopciKnAavwerNOfnp1TmKg1W2gEdV8pbKu6bSUkRejRAJPgWVTD6eB8jIrEShROJtL4I30BUHVwUj0Rfygr6DihFqljv7rtYAHmXVnIiJBds6g8VBrx50FG5SlONpCDWw1fSMOGT7zFXGiOpL8KrVAhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4M6BbsvjZOmNOYyR_gSM16WQDJyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi03MTQ5NDU2ODQ1NDcxNTk2yAEJqAMByAMCqgTyAU_QeyhnhJBBA54c9vFoE4vY7RQ4SsqRTnieGCZCSZG0dvoVzTnFrfw_s3D__f2zEhK6UwG48iR0AdHnKx4u5c76u0frf7d646B_u52JAdspYg6wW_-DjHPqKqRwK6rBKvEqGbBIfBOQFePz2D-iFjgd3uhcu8saOTkRqcZ5yX0u56h0ArhQe7VhUWmcRclCaV5k4qidmnzTvhKJ55qNolQyQpZJnEphqob9XE-eotoMhZ9a4htH62W_Ub1iy1sBo3OWNIaGHn3pcxZ7ugwVPHSdINOV_J1_O6O0QV08GJRZsY2rCZVvehgE8F-91un-h8_DgAaB9d7T_P7zqVCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Tvq121fwwF7Rwl1fuZ-HyTxCoww%26client%3Dca-pub-7149456845471596%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:39:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=sXmRhUlof54VYe5vGwmESs8mVOUbfQwaiTTRz0VCm3gA4WwkLQCbeiIt8HCXORpgYJBo76cJC0drCuNBQ48Hg5_Dr2PApo0_ncN14jvbDqBhjXgYfLRZSM7pWyMCJ13cSgqUXFMICQd3BV0_kKWlwQfn8wQGvb73w3PSpr0H9DFlzS8KwbPBYJCckfxYk0g7IJ0ynUOxBz5oOmcSCt2zuAAy_Nyhd_CYR0v76IMArRLOQHhRBVZ_LBXIIAiIyz5PY-KRVnMccfnMwmtO"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81236605
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 203C 3 KB
1 KB 141ms
131ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 203C 20 KB
8 KB 106ms
96ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 203C 180 KB
57 KB 483ms
78ms Script
text/javascript 2607:f8b0:4006:80d::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 20:39:13 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCC5 13 KB
5 KB 242ms
108ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://caraprint.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 21522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 14:40:30 GMT
expires: Tue, 20 Aug 2024 14:40:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame C16D 829 B
1 KB 437ms
82ms Document
text/html 2607:f8b0:4006:823::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z7mU_f__rm9mHX7HwkgxQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://caraprint.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-z7mU_f__rm9mHX7HwkgxQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 20:39:13 GMT
expires: Mon, 21 Aug 2023 20:39:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 203C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8A25 2 KB
1 KB 307ms
37ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOPLbgAORukKn4iMAAlrjCZt64tIJ6IHWtd5zQ&u=%7C%2BmoIH5sHvdkJj1NK6FvHyLdzfowhajeJGjhKkA%2F2Tro%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3akTBMFdgR12h6pdX6s0NNxMs-9f_o4dHHwFWWJoUDnwTDqfOZjDpA-T9UKvsBZLnoDTw6Tan3epOB4VMZclwdseaDfHrlq31YEr-cCK0GsCCQUaI2uvGIQUDuXPeNBP0_0CUuLD6uW_1NtzMo2VdpCaDFThpT5JWSfpPFGUXtJ5uPpYAhp7fUkBJfTSr5gLIver7qmKz2fEoFknpap4I8_nqBcTIIjd9u7OwO34lOHWuvnmt7V3b_Z0q9Tip2eIOr5coxeSFihi-zb4ubUE1-_mop8-fBpATrlwX79aHuYCGiUSihbXpH1FKlv4qzZVIKT3PHZgaG4b3x3_OIQvjikSrqknyJIjYruLjwCnyWeAIAQqpitoMsb9RaApYEdnJmLVIhB6r2SNgrctuIFuPtKJu4uNyCiOIxTzQuD83knULFaoh1ItL0X_ENMSXIZopciKnAavwerNOfnp1TmKg1W2gEdV8pbKu6bSUkRejRAJPgWVTD6eB8jIrEShROJtL4I30BUHVwUj0Rfygr6DihFqljv7rtYAHmXVnIiJBds6g8VBrx50FG5SlONpCDWw1fSMOGT7zFXGiOpL8KrVAhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4M6BbsvjZOmNOYyR_gSM16WQDJyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi03MTQ5NDU2ODQ1NDcxNTk2yAEJqAMByAMCqgTyAU_QeyhnhJBBA54c9vFoE4vY7RQ4SsqRTnieGCZCSZG0dvoVzTnFrfw_s3D__f2zEhK6UwG48iR0AdHnKx4u5c76u0frf7d646B_u52JAdspYg6wW_-DjHPqKqRwK6rBKvEqGbBIfBOQFePz2D-iFjgd3uhcu8saOTkRqcZ5yX0u56h0ArhQe7VhUWmcRclCaV5k4qidmnzTvhKJ55qNolQyQpZJnEphqob9XE-eotoMhZ9a4htH62W_Ub1iy1sBo3OWNIaGHn3pcxZ7ugwVPHSdINOV_J1_O6O0QV08GJRZsY2rCZVvehgE8F-91un-h8_DgAaB9d7T_P7zqVCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Tvq121fwwF7Rwl1fuZ-HyTxCoww%26client%3Dca-pub-7149456845471596%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8A25 2 KB
1 KB 308ms
39ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8A25 308 B
636 B 158ms
70ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8A25 293 B
621 B 115ms
28ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 8A25 43 B
348 B 292ms
57ms Image
image/gif 74.119.119.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=QVLJB_rjzbzV8u-BB-EBrmwrYPZUaVbbq4lFXsEymSHaaM6_1ScJx4LRX1naVRgN5Vk97M06WtguZn4SBNXbZWoISJkV1nrhYKu9lDXeyacIZjBZ70awJmSf7JyXGs6BrIscIQpPqB4fTEG1XXfo7KJdJ_uTO1PBH5_DYFw7Hv03uLIqAXL8NKdxHk4Kwck4n0T3nDkhKJA9aqToA8i6P8KvwTW89JeIIijRBLE7PTm9dC4bA-Tk_KK6d2pB1YIh-RxlDRWdaXQxpk4iDRK2ukuu2C3wDH3rrfxJaz04SMoccKlK7gHplfSPSYPDg3qUMY1Cd7gWu5010TrLqKJfoBzdPfGIJblOEJ_ecEBw6J9v6WGrCnDtwHH2BFa1fii6hgy9woOHAGnTVbIP5bFhYxTipR0vX7RteYfI21Ib5v-QuV7CIQobdTFD_Ce4Gje9sxww9hrzilfeZxGtuCRuU6nB23o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 20:39:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1720490
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8A25 12 KB
5 KB 254ms
42ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 438685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N6Fif19qxSuiTIK5tkLi1Rm42TwGWJBtsC9ry2MbXv%2FtgbNUpap7CWAG4yd8cj4aafVcS6t4mq2ByExYCeYiAvckjILS8U9ufS7FGT6GHmWVTCDlgo28Ql8Ldd%2Ba19M95G9SqkX90IahjxgDmhLVlRa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa5af271e4631f8-MIA
expires: Sat, 10 Aug 2024 20:39:13 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame FCC5 37 KB
14 KB 189ms
156ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 06:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 06:50:41 GMT

GET
H2 200 animejs.js
static.criteo.net/animejs/ Frame 8A25 12 KB
6 KB 81ms
76ms Script
text/javascript 2620:100:a001::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff
static.criteo.net/design/dt/ Frame 8A25 24 KB
24 KB 288ms
61ms Font
application/octet-stream 2620:100:a001::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Feb 2018 16:12:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a81bd08-5f2c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:13 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 6 KB
7 KB 383ms
83ms Image
image/png 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=29137&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29137%2F230519%2Fdb251ee6af524e8f8107647457d4cc50_logo_n_horizontal.png&v=3&w=196&s=Lw-MrmDmYy65SFncj3wPHAqK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 6573
expires: Wed, 31 Jul 2024 03:26:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 379ms
79ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214404%2F640x480%2F66f02cadc4124bc9b34aae6c26dc319f.jpg&v=3&w=400&s=pF1cEx-TQFvNRjWPqEglw6ab&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12908
expires: Wed, 31 Jul 2024 09:47:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 519ms
220ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214402%2F640x480%2Fbeb50315eb57406587872214f15c783b.jpg&v=3&w=400&s=D5duzSo-lqdKBRLSvm_-TiHX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12920
expires: Mon, 29 Jul 2024 15:45:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 587ms
288ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214404%2F640x480%2F6b21e2e080554761b81ee86bcb91efdb.jpg&v=3&w=400&s=OAwl_pbGbDXbo7CLtxBihpJA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13416
expires: Mon, 22 Jul 2024 00:28:06 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 402ms
103ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214403%2F640x480%2F7f0fb031607f4280965028868fddd43f.jpg&v=3&w=400&s=pqbOD-ooUs0X0XZPOABMK0nG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13554
expires: Mon, 22 Jul 2024 00:27:31 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 14 KB
14 KB 517ms
218ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214402%2F640x480%2F2c27a46378734c8899b8f3ddd7a455a0.jpg&v=3&w=400&s=TwNmq6WSnx4l-kVh4LH5JtlX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 14606
expires: Wed, 14 Aug 2024 00:29:54 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 8A25 0
128 B 350ms
56ms Ping
text/plain 2620:100:a001::16

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=sXmRhUlof54VYe5vGwmESs8mVOUbfQwaiTTRz0VCm3gA4WwkLQCbeiIt8HCXORpgYJBo76cJC0drCuNBQ48Hg5_Dr2PApo0_ncN14jvbDqBhjXgYfLRZSM7pWyMCJ13cSgqUXFMICQd3BV0_kKWlwQfn8wQGvb73w3PSpr0H9DFlzS8KwbPBYJCckfxYk0g7IJ0ynUOxBz5oOmcSCt2zuAAy_Nyhd_CYR0v76IMArRLOQHhRBVZ_LBXIIAiIyz5PY-KRVnMccfnMwmtO&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 20:39:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8A25 2 KB
1 KB 170ms
0ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8A25 2 KB
1 KB 167ms
0ms Image
image/svg+xml 2620:100:a001::4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 20:39:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C16D 0
0 355ms
257ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=3711376801407383&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 203C 42 B
64 B 160ms
140ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAsO_ZKVCAiNnsw29FYvXBY1JV3oWEMM0b5yQqwYMDPSjV_p8SZFHxDM6dHVZRe1_jknfJ-yQeCiEskkY-84KaReb01AD0ok8iv2k&sig=Cg0ArKJSzD-cClwXYLm8EAE&id=lidar2&mcvt=1073&p=0,0,124,1005&mtos=736,1073,1073,1073,1073&tos=736,337,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3953984701&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692650352333&rpt=1122&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 20:39:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 84ms
12ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12908
expires: Wed, 31 Jul 2024 09:47:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 6 KB
7 KB 104ms
34ms Image
image/png 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 6573
expires: Wed, 31 Jul 2024 03:26:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 99ms
28ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13554
expires: Mon, 22 Jul 2024 00:27:31 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 14 KB
14 KB 109ms
39ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214402%2F640x480%2F2c27a46378734c8899b8f3ddd7a455a0.jpg&v=3&w=400&s=TwNmq6WSnx4l-kVh4LH5JtlX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 14606
expires: Wed, 14 Aug 2024 00:29:54 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 97ms
80ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12920
expires: Mon, 29 Jul 2024 15:45:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8A25 13 KB
13 KB 88ms
72ms Image
image/webp 2620:100:a001::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=29137&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F2002890%2F2214404%2F640x480%2F6b21e2e080554761b81ee86bcb91efdb.jpg&v=3&w=400&s=OAwl_pbGbDXbo7CLtxBihpJA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13416
expires: Mon, 22 Jul 2024 00:28:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 203C 0
23 B 199ms
197ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CErLebsvjZOmNOYyR_gSM16WQDJyB77BcyqapqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi03MTQ5NDU2ODQ1NDcxNTk2yAEJqAMByAMCqgTvAU_QeyhnhJBBA54c9vFoE4vY7RQ4SsqRTnieGCZCSZG0dvoVzTnFrfw_s3D__f2zEhK6UwG48iR0AdHnKx4u5c76u0frf7d646B_u52JAdspYg6wW_-DjHPqKqRwK6rBKvEqGbBIfBOQFePz2D-iFjgd3uhcu8saOTkRqcZ5yX0u56h0ArhQe7VhUWmcRclCaV5k4qidmnzTvhKJ55qNolQyQpZJnEphqob9XE-eotoMhZ9a4htH62W_Ub1iy1sBo3OWNIaGHn3pcxY5uCyHl4YUIBAckRGUQSp39mEUEbpBdRZYcxymxAYo6PZrR-k9gAaB9d7T_P7zqVCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxNDk0NTY4NDU0NzE1OTYYAA&sigh=H5zqCad8Mr4&uach_m=[UACH]&cid=CAQSGwBpAlJWNHXrv9uUoTOP8SVP_zd4JWLWUVqJLhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 20:39:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 20:39:15 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 203C 0
126 B 273ms
54ms Image
text/plain 2620:100:a001::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksDDFM36RO0HfOIinRcCAAAAGSAnUhzPHFyCrb87EG7L42TsJ76wieP1oIH9AAASAAAKCkFRVUJDZ0VQQ2c&wp=ZOPLbgAORukKn4iMAAlrjCZt64tIJ6IHWtd5zQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:39:14 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 235118
server: Kestrel
content-length: 0

GET generate_204
tpc.googlesyndication.com/ Frame FCC5 0
0

POST all
csm.us.criteo.net/ Frame 8A25 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?rc5sPA

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=sXmRhUlof54VYe5vGwmESs8mVOUbfQwaiTTRz0VCm3gA4WwkLQCbeiIt8HCXORpgYJBo76cJC0drCuNBQ48Hg5_Dr2PApo0_ncN14jvbDqBhjXgYfLRZSM7pWyMCJ13cSgqUXFMICQd3BV0_kKWlwQfn8wQGvb73w3PSpr0H9DFlzS8KwbPBYJCckfxYk0g7IJ0ynUOxBz5oOmcSCt2zuAAy_Nyhd_CYR0v76IMArRLOQHhRBVZ_LBXIIAiIyz5PY-KRVnMccfnMwmtO&sds=2&rev=88037&sendBeacon=true

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
ads.us.criteo.com
caraprint.blogspot.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
csm.us.criteo.net
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.va.us.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
csm.us.criteo.net
tpc.googlesyndication.com
2606:4700::6811:180e
2607:f8b0:4006:806::2003
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2001
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
74.119.119.147
2a362f0f4e8a74981f83e9dbad997ba1791af6f74425625b5db0452b505ee215
32d6568ca239e41015ba79810bacac7df293b68a521cc3d6e8e2ea49122b0aeb
37cd45164bda322f25544177c38fa60f1afcc6dfa2c52809d37f01e08c8715a7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
539170a62c56015e2751dde62bb6789cb4f28d5a1391b03afdf494490f9fa5da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7017b7cb3bd4164c4d280141a70283edd66b11565eb48ff2a3111defc9e8ab6e
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
cdff6f7e4cda584673c7565970d4489fd5b81befaed2937ffeb99774e372cdb8
f54097dcd5b11e81eb2e218cc74486fa299aaa77d8719e960b1103f1c191556a

caraprint.blogspot.com Open in urlscan Pro 2607:f8b0:4006:824::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

49 Requests

96 %HTTPS

94 %IPv6

10 Domains

16 Subdomains

17 IPs

1 Countries

790 kBTransfer

2226 kBSize

Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

caraprint.blogspot.com Open in urlscan Pro
2607:f8b0:4006:824::2001 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

94 %
IPv6

10
Domains

16
Subdomains

17
IPs

1
Countries

790 kB
Transfer

2226 kB
Size

49 HTTP transactions
2 data transactions