urlscan.io logo urlscan.io
SecurityTrails logo

www.threatminer.org Open in urlscan Pro
2606:4700:20::681a:feb  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Submission: On March 17 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 6 countries across 49 domains to perform 503 HTTP transactions. The main IP is 2606:4700:20::681a:feb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.threatminer.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.
This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
7 2606:2800:234... 15133 (EDGECAST)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 20 172.66.41.9 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
24 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
1 151.101.64.134 54113 (FASTLY)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 199.232.196.64 54113 (FASTLY)
4 199.232.196.134 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.33 32748 (STEADFAST)
2 8 104.90.181.210 16625 (AKAMAI-AS)
1 51.89.9.253 16276 (OVH)
6 6 192.82.242.208 62713 (AS-PUBMATIC)
3 4 142.250.186.130 15169 (GOOGLE)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 198.47.127.20 3257 (GTT-BACKB...)
2 4 35.227.248.159 15169 (GOOGLE)
4 4 37.252.173.27 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
4 4 54.153.103.110 16509 (AMAZON-02)
4 4 213.19.147.44 3356 (LEVEL3)
2 3 35.71.131.137 16509 (AMAZON-02)
2 2 64.202.112.127 22075 (AS-OUTBRAIN)
1 178.162.133.149 60781 (LEASEWEB-...)
1 34.250.1.173 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 34.255.218.80 16509 (AMAZON-02)
2 2 18.185.44.17 16509 (AMAZON-02)
1 2 38.27.122.158 174 (COGENT-174)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 216.52.2.39 29791 (VOXEL-DOT...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 67.202.105.24 32748 (STEADFAST)
65 151.101.193.44 54113 (FASTLY)
20 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:1::2 44788 (ASN-CRITE...)
10 2a02:2638:1::11 44788 (ASN-CRITE...)
2 6 13.32.99.23 16509 (AMAZON-02)
1 2 209.54.177.54 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 50.17.222.208 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
30 2606:2800:134... 15133 (EDGECAST)
70 2a02:2638::3 44788 (ASN-CRITE...)
7 2600:9000:225... 16509 (AMAZON-02)
10 178.250.2.148 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
83 178.250.2.135 44788 (ASN-CRITE...)
13 178.250.2.150 44788 (ASN-CRITE...)
4 2606:2800:233... 15133 (EDGECAST)
2 2606:2800:233... 15133 (EDGECAST)
2 2a04:4e42:400... 54113 (FASTLY)
2 141.226.224.32 200478 (TABOOLA-AS)
503 54
31    2606:4700:20::681a:feb (United States)

ASN13335 (CLOUDFLARENET, US)
www.threatminer.org
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
11    2606:4700:20::681a:672 (United States)

ASN13335 (CLOUDFLARENET, US)
thmirt.robtex.com
1    2606:4700:10::6814:9710 (United States)

ASN13335 (CLOUDFLARENET, US)
i.creativecommons.org
1    2606:4700:20::681a:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)
licensebuttons.net
20    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3024.infolinks.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
threatminer.disqus.com
24    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    2a00:1450:400e:810::200e (Ireland)

ASN15169 (GOOGLE, US)
cse.google.com
3    2600:9000:2156:d800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
1    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    199.232.196.64 (United States)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
9    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
8    104.90.181.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-181-210.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
6    192.82.242.208 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
4    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
4    54.153.103.110 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-103-110.us-west-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    64.202.112.127 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    34.250.1.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-1-173.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    34.255.218.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-218-80.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    18.185.44.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-44-17.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
65    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
20    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:400e:810::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
10    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    50.17.222.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-222-208.compute-1.amazonaws.com
nep.advangelists.com
1    2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
30    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
70    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    2600:9000:225a:7400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
10    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
83    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
13    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
2    2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)
ton.twimg.com
2    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
166 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
pix.eu.criteo.net — Cisco Umbrella Rank: 7328
csm.eu.criteo.net — Cisco Umbrella Rank: 7422
585 KB
69 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 562
15.taboola.com — Cisco Umbrella Rank: 1773
images.taboola.com — Cisco Umbrella Rank: 1507
vidstat.taboola.com — Cisco Umbrella Rank: 1762
imprammp.taboola.com — Cisco Umbrella Rank: 11235
pips.taboola.com — Cisco Umbrella Rank: 1686
cds.taboola.com — Cisco Umbrella Rank: 997
4 MB
36 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236
pbs.twimg.com — Cisco Umbrella Rank: 615
abs.twimg.com — Cisco Umbrella Rank: 1748
ton.twimg.com — Cisco Umbrella Rank: 5352
597 KB
31 threatminer.org
www.threatminer.org
1 MB
29 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348
ads.eu.criteo.com — Cisco Umbrella Rank: 7435
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341
509 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
290 KB
25 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
111 KB
20 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7674
router.infolinks.com — Cisco Umbrella Rank: 2493
rt3024.infolinks.com — Cisco Umbrella Rank: 65691
195 KB
19 google.com
cse.google.com — Cisco Umbrella Rank: 2215
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 386
221 KB
11 robtex.com
thmirt.robtex.com
100 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
356 KB
10 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 570
image2.pubmatic.com — Cisco Umbrella Rank: 774
image4.pubmatic.com — Cisco Umbrella Rank: 765
3 KB
9 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
214 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
9 KB
8 disqus.com
threatminer.disqus.com
disqus.com — Cisco Umbrella Rank: 2684
tempest.services.disqus.com — Cisco Umbrella Rank: 12787
referrer.disqus.com — Cisco Umbrella Rank: 6134
reporting.services.disqus.com Failed
61 KB
7 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1442
5 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 125
4 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
1 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
4 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 365
1 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
3 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 3984
240 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
1 KB
2 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1498
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
674 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
648 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
605 B
2 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 399
124 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1943
232 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
425 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 970
637 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 807
72 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 631
759 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
277 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
413 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 3771
233 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 1700
945 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 843
474 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
475 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 621
305 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
814 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1136
289 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
646 B
1 licensebuttons.net
licensebuttons.net — Cisco Umbrella Rank: 19955
1 KB
1 creativecommons.org
i.creativecommons.org — Cisco Umbrella Rank: 21462
314 B
0 inmobi.com Failed
sync.inmobi.com Failed
503 49
Domain Requested by
83 pix.eu.criteo.net ads.eu.criteo.com
70 static.criteo.net ads.eu.criteo.com
31 www.threatminer.org www.threatminer.org
29 pbs.twimg.com www.threatminer.org
platform.twitter.com
28 images.taboola.com www.threatminer.org
cdn.taboola.com
vidstat.taboola.com
21 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
20 tpc.googlesyndication.com googleads.g.doubleclick.net
16 cdn.taboola.com www.threatminer.org
cdn.taboola.com
14 router.infolinks.com 2 redirects resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
13 csm.eu.criteo.net ads.eu.criteo.com
11 thmirt.robtex.com www.threatminer.org
thmirt.robtex.com
10 cat.nl.eu.criteo.com ads.eu.criteo.com
10 ads.eu.criteo.com googleads.g.doubleclick.net
10 www.googletagservices.com googleads.g.doubleclick.net
9 www.google.com cse.google.com
www.google.com
www.threatminer.org
googleads.g.doubleclick.net
8 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 secure-gl.imrworldwide.com ads.eu.criteo.com
7 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
7 platform.twitter.com www.threatminer.org
platform.twitter.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www.threatminer.org
6 image8.pubmatic.com 6 redirects
6 pagead2.googlesyndication.com www.threatminer.org
pagead2.googlesyndication.com
www.googletagservices.com
5 15.taboola.com cdn.taboola.com
5 trc.taboola.com cdn.taboola.com
www.threatminer.org
5 cse.google.com www.threatminer.org
www.google.com
cse.google.com
4 abs.twimg.com www.threatminer.org
4 ups.analytics.yahoo.com 4 redirects
4 ib.adnxs.com 4 redirects
4 pixel.tapad.com 2 redirects router.infolinks.com
4 cm.g.doubleclick.net 3 redirects ssum-sec.casalemedia.com
4 referrer.disqus.com www.threatminer.org
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.de pagead2.googlesyndication.com
4 resources.infolinks.com www.threatminer.org
resources.infolinks.com
3 imprammp.taboola.com www.threatminer.org
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 sync.1rx.io 3 redirects
3 c.disquscdn.com threatminer.disqus.com
2 cds.taboola.com cdn.taboola.com
2 pips.taboola.com cdn.taboola.com
2 ton.twimg.com platform.twitter.com
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.bnmla.com 1 redirects router.infolinks.com
2 pixel.advertising.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 image4.pubmatic.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
2 rt3024.infolinks.com resources.infolinks.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 tempest.services.disqus.com threatminer.disqus.com
2 www.google-analytics.com www.threatminer.org
www.google-analytics.com
1 cdn.syndication.twimg.com platform.twitter.com
1 imasdk.googleapis.com resources.infolinks.com
1 nep.advangelists.com 1 redirects
1 ad.turn.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 ap.lijit.com router.infolinks.com
1 bh.contextweb.com 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 sync.targeting.unrulymedia.com 1 redirects
1 u.openx.net router.infolinks.com
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 clients1.google.com www.threatminer.org
1 www.googleapis.com www.threatminer.org
1 partner.googleadservices.com pagead2.googlesyndication.com
1 disqus.com threatminer.disqus.com
1 threatminer.disqus.com www.threatminer.org
1 licensebuttons.net www.threatminer.org
1 i.creativecommons.org 1 redirects
0 reporting.services.disqus.com Failed www.threatminer.org
0 sync.inmobi.com Failed router.infolinks.com
503 80
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-28 -
2022-06-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
robtex.com
Cloudflare Inc ECC CA-3		 2022-01-04 -
2023-01-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
a.disquscdn.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-31 -
2023-03-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Frame ID: 204DFEBEDD4064339949407D96458280
Requests: 101 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 8C7ADFBC3EC5CEDCCAF0DA20F214E45B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.threatminer.org
Frame ID: 2330DC0EBC4C45E3E8D15E89FD47A65A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Frame ID: 855BFB59FFAFD2F41239245421094E95
Requests: 8 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Frame ID: 233FBD98522CE513C2FBCF0E66DFF0CE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Frame ID: 5D21CDEC754EFC5166B0C13395C7123E
Requests: 7 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=ip.acc.sogou.com&t_u=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&t_d=Domain%3A%20ip.acc.sogou.com%20%7C%20ThreatMiner.org&t_t=Domain%3A%20ip.acc.sogou.com%20%7C%20ThreatMiner.org&s_o=default
Frame ID: 2950A4E868881287724420D8F75F1C5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Frame ID: 68F54F468A445FE51574E5477332F917
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Frame ID: ADAE6125782DEA2D3A784697F80FC126
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Frame ID: 003D1E0E9004BF244B5C9283F4C556C1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Frame ID: C3934DCC0CA782CE8CD77E27834EDF0A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Frame ID: 899E67908BAE8F7CABA5157442C4C46F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Frame ID: 43D84A56414FBEF6ACA5DC1E70FF134A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Frame ID: 28267FB7A5CF3B4BFB7B026C4FD847C0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1647548539&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538989&bpp=1&bdt=449&idt=333&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&nras=1&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=10&uci=a!a&fsb=1&dtd=340
Frame ID: 0C13742D2D27C45D60C2BFFA877B63FA
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 8819ADBD46A70936F9AEA321B87CB360
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 148EC2F765D171F0AF390810674239A1
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 7118F6D4C8340C7CEDB7B1480D700C29
Requests: 1 HTTP requests in this frame

Frame: https://cse.google.com/cse_v2/ads?adsafe=low&pcsa=true&cx=009665096751685288782%3Ao6_z_tmwsge&client=google-coop&q=ip.acc.sogou.com&r=m&hl=en&type=0&oe=UTF-8&ie=UTF-8&fexp=20606%2C17300842%2C17300948%2C17300950&format=p4&ad=p4&nocache=6691647548539343&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1647548539344&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4198&frm=0&uio=-&qup=1&jsid=csa&jsv=12411&rurl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1
Frame ID: 2CB88C140D1622285CE7CB94D2C81F28
Requests: 2 HTTP requests in this frame

Frame: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539358
Frame ID: A1CCF569FA1A542D568DFD55DE869975
Requests: 32 HTTP requests in this frame

Frame: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539368
Frame ID: 7E0E611B3872A067E2B1E69D7E6E1D5D
Requests: 36 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 8F5AA9A6BF33479CF945E6D05AA87A3E
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: B6C60826A3E9102BDAD04432741CDF73
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 9189DAB942FE47ED4DB14C89079A81D2
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: C318C79A94473CCF6236A47A19F188E9
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: AD4C08496ED586118397F188F3D6D3E3
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 60511EDCEDAB6CCB75FC0292CB5F77CC
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 924ADB06ED6167208536918ED6DC0472
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 21FCCE2CE788C58C5CB97F1D85E0B7F5
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 2A9066EBA8B76794BB1F150DB994A687
Requests: 12 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1503869678833311745/j5FK-xqV?format=png&name=800x419
Frame ID: 6DB9654967447FBD0A14C0B849775420
Requests: 35 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=C05D40C1161189486266612269&cicmp=1337627&cijs=1&dast=V7WAoCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHUNYjUiDDWMxWyyGy9FwNlktFpPVbrMcLCZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZwoOl0-Fz3et3vdxcdLS-H6e20uyx3veXnlwMAAADAAwBRSzTEjm9DewQAAACABM_ItQJFQMW_hcAFAAAAAAYAgVi4BgAUR4K4TqfP6WEy_QMA4EEBBABAACMEoPnqUAQAAABgBAAAwIEEQCCxsATA4W7RBAAg4C9zsfTtBAAA4KBO5mmb5f___z8GIO-9SQaAIm3jxqAH4MEH4EEIAADgY2heLGyqWWVjlKiAtIgRAAAAQDbQ5cHRpE6oLKr-____rQCuAAAC_jIXSxuzbk6KWcMAAAAAxhboYfH7zQ67xu922f________-_2f8ZAJoQk154WpANrpQaz8i1wtovIAAA27sBALwJwMUcgB0AAADA3f___38eAABAxx4l22s1nj3Kep_BFj6nu7t-E7YYrSaTzXI4Wy4mg-FoOBrtTyCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuW6VAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: 9A03AD822C2FF5108345713720BC0DA9
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=A15619C53D93291906447012027&cicmp=1337627&cijs=1&dast=V72bcCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMFYzRbLDWszYm4my8VysFosJ5PVYjVZLJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOBHGdTp_Tw2T6BwDAgwIIAIAARghA89WvCAAAAMAIAACAAwmAQGJhCYDD3aIJAEDAX-aiKfgJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0JM5wL7OkFwjUcFhESMAAACAbKDLg6NJnVBZVP3___9bAVwBAAT8ZS6avmfdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANCEmvfC0IBtcKTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAICQPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNqfQC4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYZ4UHUunc-r85FBFru5bDRXrBZz3SoBAAAAAAAAACxhyrwJAAAAwGkQs9lkt1tx482eCWKtVssaAAAAgFs3cg!&excid=22&tst=1&docw=0&cs=false
Frame ID: 5474E599065BAABB874623815FA5CECF
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6B9F81A2E19326812943420965&cicmp=1337627&cijs=1&dast=V7DHUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDZhzoiLBWXFWG4ms-FiMlwsdoPVYrVbDZYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOBHGdTp_Tw2T6BwDAgwIIAIAARghA85WvCAAAAMAIAACAAwmAQGJhCYDD3aIJAEDAX-aiafQJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDHkDteeesfJacPUQFiESMAAACAbKDLg6NJnVBZVP3___9bAVwBAAT8ZS6apmfdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANCEmvfC0IBtcKTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACWPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNqfQC4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYZ4UHUunc-r85FBFru5bDRXrBZz3SoBAAAAAAAAACxhyrwJAAAAwGkQs9lkt1tx482eCWKtVssaAAAAgFs3cg!&excid=22&tst=1&docw=0&cs=false
Frame ID: A1C7E98D4F8CC47F052BB5F4CCC0290B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 2CD6787AAD4B0788DA821F3FD7464B95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: C97B2BB6CDF7FBCEDF9BD6B455CE97AF
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Frame ID: 9A3FC647B876E2257EA5EB523076A1F7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Domain: ip.acc.sogou.com | ThreatMiner.orgsearchsearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

503
Requests

95 %
HTTPS

41 %
IPv6

49
Domains

80
Subdomains

54
IPs

6
Countries

8713 kB
Transfer

16735 kB
Size

56
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://i.creativecommons.org/l/by/4.0/80x15.png HTTP 301
  • https://licensebuttons.net/l/by/4.0/80x15.png
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 94
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDY1MjZFMUEtMkEwNS00NjdELUFFNEQtN0JFMTJCMUMwOERD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DD6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
Request Chain 95
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=6670387150791064016
Request Chain 97
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-hySLVRJE2uEYbL_0L1.ekD8EhUKMHj3GXXvKrzo-~A
Request Chain 98
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1647548539385 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=229067797 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=229067797 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a378dff8-b7a6-4ce2-ae34-61798a73e832 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
Request Chain 99
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 101
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.threatminer.org%252Fdomain.php%253Fq%253Dip.acc.sogou.com&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252Fdomain.php%25253Fq%25253Dip.acc.sogou.com%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&pid=12306&adnxs_uid=6670387150791064016
Request Chain 103
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=3c428a9d-5413-49a9-bf5c-63d877debea1&partner_id=1531
Request Chain 104
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf1ed09f4-a62f-11ec-a432-06bfa37d4102 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf1ed09f4-a62f-11ec-a432-06bfa37d4102&verify=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-U6PqO9VE2uGoPQ3ZERWsMtTi8VUMNuW4~A~UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
Request Chain 105
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://match.bnmla.com/usersync?dspid=1&uuid=tMBCGMuFEACK&ev=1&us_privacy=${us_privacy}&pid=558752
Request Chain 107
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODczNkREQzctNzUwQi00Njg5LThFN0ItNDQ4REEwQ0EyQzhC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DD6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
Request Chain 108
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5108559722787900809
Request Chain 150
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB&dcc=t
Request Chain 151
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjOYe9vPjP40KnObWOFA3gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFIKqsyw-ViXLDdaRXZ550M&google_cver=1&gdpr=1
Request Chain 152
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656686392351
Request Chain 153
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 154
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8186704334279025973
Request Chain 155
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ab5bd1b-95ca-4b1b-813a-649282fb6ec1
Request Chain 171
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
Request Chain 172
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
Request Chain 480
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

503 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request domain.php
www.threatminer.org/ 		27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97514ae8b9755cc2ff6a49206c643dfcbab5ccbb94a22a192bedf2b884e1e417

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZlbwRRuXh17DawjCN8Md3lIam9Ad5FMoVSZQyKetzMe0hc6m6IRhkReBYVHp5SNCKYc%2BO9CwYEB5v%2FaQ4coyIaYym%2BJnLHdfW75JHs14vtdyF4uxqOkj%2FTysry5cKdCdydmFU%2B8ZvV7lH1iaTHngNk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ed8709a4c255a13-MXP
content-encoding
br
bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/ 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
345
etag
W/"1ca39-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5mYDpNd6E6XwvgstajGSoGIzH821yuKiOk1%2FLFAsumPiHkUnMZIb%2B1Q8pnyWchy04M53r1HG%2FS4TMOp0SwPCr6%2FrPA5ZXpdxkQ9qepgbvPl3XcIORCm31jtbMZu0WAWG8GpcgpDfsu9l3NhYE0n5wM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e1f565a13-MXP
metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/ 		781 B
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
345
etag
W/"30d-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU91gwSX%2FFjpryo8JEcWUbNot0%2ByAO1nF%2FFxLPuzPrg72%2B7Lye1%2FnPxs%2BEBQwa7vdSda5iUSz0%2FAKzE0C%2F8PdtS6NLydxkO91zZ5vWKkjjvgG840r0R174Ag7qqcPtKl8XWtj7cjtF0qkR5U9tlqzm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e1f575a13-MXP
dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
345
cf-polished
origSize=7616
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
etag
W/"1dc0-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34PN8bV2Zp0U9HyvNZa92YRn%2F2RuMTrDM8KiX7fuVZilsGKNDKtM5YpRtPw8n8WnL7s%2BHqJ%2Foi0i%2B%2BNWK%2F7SS%2FIwlmxSWniE%2FGzUtrh9iBQex%2FOjECXaN%2FJLZMAnrPEZMAcndppM%2FobSytNp0TLThtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6ed8709e1f595a13-MXP
cf-bgj
minify
dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/ 		3 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
345
cf-polished
origSize=3051
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
etag
W/"beb-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRbau9tPrhVYO%2BPfOp%2FVnmFb%2BSMTrBnMB2V%2FugjY4W5tc6YYLr4FBud7MV0VSURsuBUZYB6VwKXwqNV7BfvBFYYKk9%2BmN59oZk7%2FmHNiqEJeaR%2FzRSDuhGgkFESYsVtonHimniU6AfCJ5aCOvQDQFos%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6ed8709e1f5a5a13-MXP
cf-bgj
minify
buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 13:08:48 GMT
server
cloudflare
age
345
etag
W/"1f58-54e761fab9800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izoFlaZPDifcvlk7jidqL3RWWkK56sZNXJQrJGDMeUTx32rVd3RtUvjM0tWPB1zG7u%2Bu3NJtlYbKEjYc50r7R5apmlmu%2F0BSXYZ72UNSbapGoBK3T3UrN2VVx08toKstLNJBTIIwW%2F0WPeQFqK%2FJLpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e1f5d5a13-MXP
buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 		2 KB
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 13:02:52 GMT
server
cloudflare
age
345
etag
W/"626-54e760a737700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvgiy7%2FvkHdSA7tGFsFjemO1NMZRTGvhcyCVgxIZMKdrGalhuNsCvJStA5EPJrx5MEp9DAQWvCUh%2FZ65ppMcATHroFrAHsb%2FKW20m0Un%2FKJFI1VZlzE5ja07r8Wup7jzVsQRrjeWSLR8ySI9VefGAog%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e1f5f5a13-MXP
sb-admin-2.css
www.threatminer.org/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
345
cf-polished
origSize=5638
last-modified
Sat, 02 Jan 2021 17:59:17 GMT
server
cloudflare
etag
W/"1606-5b7ee9d93cc8e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B12AVkycKbdUKkc4bblQ%2BAioYfJvSX15cR80x9Ht8TsKzyzz9ZWjQxz1w5CSvVG%2BH90wdd10jI5%2BC214tehqGeXk9Ihwmzs4rXfUIT3ZVsbNWltgM2kOVRgUuE%2B3cDUlFW3aWi62CO5LrfaX9dYsN2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6ed8709e1f615a13-MXP
cf-bgj
minify
font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
345
etag
W/"55e0-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE%2FTNH%2BPAp%2F75f7AiZbAuwITSMJz8YOD6%2BqIVQ2%2Fp%2B19AlfniIrrxsYf5hHxpZXzCBCCcWN7IlWAVYhdA9ggcFbkjiilQS17dc6FHQvH9Vk9bDIvS5hXsTtq0%2F3uRv48OAjC7M%2BK6J0mFcHRotHc0Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e1f635a13-MXP
social-share-kit.css
www.threatminer.org/dist/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/css/social-share-kit.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
345
cf-polished
origSize=12273
last-modified
Fri, 16 Dec 2016 10:13:34 GMT
server
cloudflare
etag
W/"2ff1-543c3d291af80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkPR%2BxPRAxKT8x1NbEeNVzOF%2FD48icSXQH8t4OOwcqbIjIMPkRu3yDJbqGol6GgPsAlg3%2BM%2B%2F63aU42puCz90YgX%2Fo9p7jLO4YZ60kbkoHYGd0%2FE6KTF2VWjatACCD%2B5b5%2BJSo26ULNkY5f04oSY0%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6ed8709e1f665a13-MXP
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
977b0f8ae798c42cd16e6753f86b00e39e77355b56ffffa535293e08bce4b246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54865
x-xss-protection
0
server
cafe
etag
737058288663534964
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 20:22:18 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:18 GMT
Content-Encoding
gzip
Age
1243
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (mil/6CE8)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ajax-loader.gif
www.threatminer.org/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.threatminer.org/images/ajax-loader.gif
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
345
cf-polished
origSize=2608
content-length
2599
last-modified
Sat, 17 Oct 2015 00:26:24 GMT
server
cloudflare
etag
"a30-52241f64ccc00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enIh8gi84zILER7sfpQGiyC3xXJLhQPb%2BSW5jlRTMVwgmR0ApW9ZK2cQOeSZm2oOs4v2ymyo8M0UPahJ%2B4ayxPKZ%2B%2B4AHKGHNsoQ%2By4jBdfQGB2oROiwUI1XP6SM1Qk9aoYqUdOcWLR8Vvjw9bSByPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6ed8709e88d75a13-MXP
cf-bgj
imgq:100,h2pri
thmirt.js
thmirt.robtex.com/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/thmirt.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890aa3057adef62a4db2c9a099ce0bc755abbf39c849d71d08701466bffb17a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
344
x-rt-time
0.005449365 0.005029469
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NoBlpnjCC%2BQxH%2Fz2W25Du5AJo8rtARimPoS9%2FXQHLadC4RbPKDIE4WJ0UFoD6GG1TQDyMO1neGBLnOssyqnc8hM8sZ9cJ5ZOwIV9tqeJqDLN0vrkROKlud6PiUr5z36nrN2ZFUqazOk5SzoIUXS"}],"group":"cf-nel","max_age":604800}
x-lb
p=8008
server-timing
ttfblb;dur=18
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 00:36:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
6ed8709f4aa63752-MXP
expires
Thu, 17 Mar 2022 00:41:50 GMT
jquery-1.12.4.min.js
www.threatminer.org/bower_components/jquery/dist/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:15:38 GMT
server
cloudflare
age
6316
etag
W/"17b8b-54e7561880e80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooHlHBZdQupOco9y7IeMgLwuVfvPZ0NJjl7s0EoPpOhxrKQM84gxJ%2FiwK1xG%2F1HW5Y5tzuIW70c%2BsKBoEtOuworaLxVK5TInjFrolDqXGZLlumdQKekLcc1vRpTml2CaEX1IELzQmIVjf44MTxvAcww%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e889c5a13-MXP
bootstrap.min.js
www.threatminer.org/bower_components/bootstrap/dist/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
6316
etag
W/"8c6f-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG%2BuyXklHYLRN9xwyKahgyTRq6elJHlICiwSBTOv7z%2F23sN7Y2K%2FuJOTtmOKJWbAtBb%2B6mCkc30%2FTpduzUgPt4MP0zMQD5e7MeZtaE1t%2Bm20sErKoRABfgjoK%2BM6aljFabr%2Bn0zf6tdOOmyDf4Bfa%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88a05a13-MXP
metisMenu.min.js
www.threatminer.org/bower_components/metisMenu/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
6316
etag
W/"757-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FgI%2FIhR10Y7EkEOdMSJmXbUhLpeIvEefhN%2BVkl%2FVC6y14Ry5qkAgb8sUkK%2B9GVG8uCb0ND64ulwEIDIqE0ndzbUfiSrC3qCO6138XzGbdMrnNdvI3c9AOLxtFDPEdwNc%2FEuSMBaVGRWfWMwKecaS1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88b25a13-MXP
jquery.dataTables.min.js
www.threatminer.org/bower_components/datatables/media/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:24:55 GMT
server
cloudflare
age
6315
etag
W/"14544-54e7582bb33c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGj3%2BW92%2FMML8o8teDztG23yQG2vROU%2FC56%2FwD6mQqVvbeIJqUFNl1map%2BON1VbyrEZXYNbjtQLuN%2BjkOdCf8gUw%2Bu%2Fy8KWHYRSiLGAWpY9O8HdXFUwOLGIT8MoTVW%2F5b0EE4EFnw0Bis3bvexeQvzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88b75a13-MXP
dataTables.bootstrap.min.js
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
6315
etag
W/"796-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uJkbQZCHHOma9XvTGvpAyaDzez8JTTeU8Nv%2FBTHV%2BnIbA%2F01c%2BKiU1vtcPvmBd7d9eqlgmIjxf%2BFpwuVirBsKFCmyQfNdFHsRQmZObhwE5Q4dzQWIbPJqJThXNzzcujmYupRU48opPfwgBGlz%2FBlAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88b95a13-MXP
dataTables.buttons.min.js
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:34:43 GMT
server
cloudflare
age
6315
etag
W/"4088-54e75a5c75ec0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y99KvpLIGr15AS%2BmmBUVKZrGVkA67hvEl6x2oGqGWW9MYWvcX%2BQb9m%2BCuYOqa0KFsZW9zvcGs7q7OCAZBYOhU0vQJWHMxLLS7NjsdwBN8D38SGuIOHghPYmLwCb3QBEhAyovyB0KvZa3ExuvdKII5Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88bd5a13-MXP
pdfmake.min.js
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/ 		1 MB
391 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:37:06 GMT
server
cloudflare
age
6314
etag
W/"106721-54e74d7b9bc80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZ6oydhuBR8BVbwZFi1uhlZFjQ5uwfvQi%2FrlLWCq3oVvz%2BYmo7ThwnVhNzdQhMVZQT7DWc%2B%2BRRvx64MnAtg5x6qfjFFozDfpX6a8rS6NIqQeZW%2B7pqJAvJIFA2Ft0XYbn4stWoYnbhiZgWE5SQOCBKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88c25a13-MXP
jszip.min.js
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:36:59 GMT
server
cloudflare
age
6313
etag
W/"18e33-54e74d74eecc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxTTKafEeICSQTPW6o1TK0RkDJfa8EdkXK%2BqBGtHEL8aBcWvLjrQy5iN3AXajciKzEuLPM1xBz%2BdxWgvWi3le4tqHqx7gm%2BZiSKwtahS59HijS%2BEIKLAXsa%2BIxHj5LucMwnALVw1fnYeWJKlfOIRwYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88c55a13-MXP
vfs_fonts.js
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/ 		933 KB
454 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6313
cf-polished
origSize=955603
last-modified
Mon, 01 May 2017 11:37:11 GMT
server
cloudflare
etag
W/"e94d3-54e74d80607c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcNvfwBKgdEvrlmmTPmg%2FoJRl%2B7yyBzaMt56dH0uNazJJ3zrswdn25DpVURDQ4VzGoEkAJkhQf3EvkwH4CfwJr01ymiMIDMFMYkLbub3NX6wBhAdRd0Lh%2BW7TnUrM1y4gXO%2FisY1wQ5NrB62zc2IOzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6ed8709e88c95a13-MXP
cf-bgj
minify
buttons.html5.min.js
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:37:16 GMT
server
cloudflare
age
6312
etag
W/"5b7a-54e74d8525300-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FGCgF3YsZl5R17r7t%2BKQrxZwPgZcGvniX9sezQAK%2FQt%2Ff79Al7zfeT8YPGWlyCpySEAMJ8j4qdslzZ%2BZOeImhLraIUXy11b46KyCycyDv%2BKH4P7zkSBHAQNhqsvJrnPvliRsROgoINYhSd6QHkDePw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88cb5a13-MXP
sb-admin-2.js
www.threatminer.org/dist/js/ 		756 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6310
cf-polished
origSize=1181
last-modified
Sat, 25 May 2019 17:16:01 GMT
server
cloudflare
etag
W/"49d-589b97821f640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKnSJgRLbinPXBunrH9bID8M9FleB7SFwAmnt9MjKyJF9w%2BIRq35OXjx7aTk5zyAFGP2CaAXbUm7nWTun6V8nfeRgqoeGYBObGxOT3v3JuLI01GlYWz%2F8uHuFMdyMNKAj8XRUcgNJgYLzbkE%2FLivPq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6ed8709e88cd5a13-MXP
cf-bgj
minify
tm_utility.js
www.threatminer.org/dist/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/js/tm_utility.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6310
cf-polished
origSize=10497
last-modified
Mon, 22 Nov 2021 16:06:03 GMT
server
cloudflare
etag
W/"2901-5d162cd378793-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBDC%2FAXErNTcETl4eHP%2BvBUAG32RRdfVfZI2I5nCxl1ha9H7j4ja%2B28OWGkVC%2FOrM1iMCYxFOkikt2yKBjHwU%2FmxlaQXAtwAVJFFtBm8U3309UP%2FwrfcK2mC%2FmpeEO8IxTZ04W3T0Zuh3FXPLTlBkfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6ed8709e88cf5a13-MXP
cf-bgj
minify
social-share-kit.min.js
www.threatminer.org/dist/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Mar 2019 16:07:52 GMT
server
cloudflare
age
6310
etag
W/"179c-583ab8aa0e600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFgIsdQL2KfbfbpopGuoqymTSBGVADN2FFurIhIjTKaMXsuVbSU7EvFO52cJ8J%2BlKZI5XeGncgj%2BwiqrHJqhag4R4SRK7%2FnEjn4K5ByFJ%2FpZGtfncsxXBmk53RACqxI3hYBmmQfChCq%2F6mKuB5AcFhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88d35a13-MXP
80x15.png
licensebuttons.net/l/by/4.0/
Redirect Chain
  • https://i.creativecommons.org/l/by/4.0/80x15.png
  • https://licensebuttons.net/l/by/4.0/80x15.png
430 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://licensebuttons.net/l/by/4.0/80x15.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Server
2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6708
cf-polished
origSize=640
vary
Accept-Encoding
content-length
430
x-xss-protection
1; mode=block
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
x-frame-options
deny
etag
"5eab4a31-280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJVe9UWh%2FAs9BzP118tnLM7S8C1HnKCdNTqVLLmip5atyef9yTmu9vASt0rRLIQaKndWJKGt2gckfTgyxzL3exXuHc7J2nrO2d%2BkucdnXzydafuLKNj4uaKuT719YNbI3nDnst8dza0bYeoru5Ia3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6ed870a0fb165a37-MXP
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 17 Mar 2022 20:22:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
1165
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
deny
content-type
text/html
location
https://licensebuttons.net/l/by/4.0/80x15.png
cache-control
max-age=432000
strict-transport-security
max-age=15768000
cf-ray
6ed8709f1e35cc5a-ZRH
vary
Accept-Encoding
x-xss-protection
1; mode=block
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e473d33a4e7081a5acf2c02eb8b8d2800dd827f333b96ab40120a5816420bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6ed8709f09546937-FRA
date
Thu, 17 Mar 2022 20:22:18 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 16 Mar 2022 16:57:56 GMT
server
cloudflare
age
12242
etag
W/"db1-5da58d0aa2adb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Thu, 17 Mar 2022 17:58:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1052
date
Thu, 17 Mar 2022 20:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 17 Mar 2022 22:04:46 GMT
fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin
https://www.threatminer.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
345
etag
W/"ffac-51434f58bfb80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7a5VCFORirmhb5vBeIW7ttjxoc4XMQ%2FCyrPaxgJpB%2BTYDZ2FsMQSiQoxoVrc7gRqneggvrV0MhaCRw3VW8BT2hmkFBNQMh3veWu2hIB6UJkcgj4z1GcmVapKGp3%2F7f84HZgqzk1lFlAUkr%2B6rJiJEc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709e88d95a13-MXP
social-share-kit.woff
www.threatminer.org/dist/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/dist/fonts/social-share-kit.woff
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/css/social-share-kit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4

Request headers

Referer
https://www.threatminer.org/dist/css/social-share-kit.css
Origin
https://www.threatminer.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2016 10:13:34 GMT
server
cloudflare
age
345
etag
W/"1b08-543c3d291af80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz80gftpDiGtSFakYPfjUtFcQrSofOhN1d7VFjgz%2BDfRkdPBNsfhKm02h7%2Bmt0fC9g2sNN1n8dG6IMHggr1Z71KRb5bhlKPWJEbadD%2FKGqeRFiQqIQiDbZTJXj5E1%2BfUPjC56%2BjpXaVCrTwHwG%2FIpsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed8709ea9245a13-MXP
embed.js
threatminer.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatminer.disqus.com/embed.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
78658a51bd5cce032f3b2d69d371363442efc496766b88993f578b9e514da6f8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:18 GMT
Content-Encoding
gzip
Server
openresty
Age
34
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25437
Cross-Origin-Resource-Policy
cross-origin
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=243243041&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&ul=en-us&de=UTF-8&dt=Domain%3A%20ip.acc.sogou.com%20%7C%20ThreatMiner.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=257051505&gjid=1514407606&cid=738020247.1647548539&tid=UA-73787980-1&_gid=890291527.1647548539&_r=1&_slc=1&z=1995907104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.threatminer.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
getData.php
www.threatminer.org/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/getData.php?e=uri_container&q=ip.acc.sogou.com&t=0&rt=3&p=1
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvcHRgf8ZNQN6LlROTy7jAJ%2FL6oJ2TW90z77pM%2FB9crUzd8LE1l8DvhkmFntVntUd%2FzdyxM7zn7u3PgqqTrf6eVCu30Q4Qtrljb6lugR6N0Q0IUm6687RNNcKsm1ZWJdTHlEgzzCgnDuivwM16WYLn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6ed870a08e7a5a13-MXP
getData.php
www.threatminer.org/ 		704 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/getData.php?e=pDNS_container&q=ip.acc.sogou.com&t=0&rt=1&p=1
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2161e1f1a09607774b072e2dbaf494f1268d29cef775541542bf9d42b1e67919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzElEB2RzN9pGwFkHBrSA092rpnCJ7Cl0%2Bl1V71AFpvssgeGAGRN2IrQUNX68gWJ9ETFDrRlRP1MvgvrwRJyB0A73O3Z3%2BI5N%2BR%2Bk6%2BNoILLxqb3mB3CvFlMTp5hhI%2FxlnVTjXr957LKx9FQjLpSHl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6ed870a08e815a13-MXP
getData.php
www.threatminer.org/ 		359 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/getData.php?e=samples_container&q=ip.acc.sogou.com&t=0&rt=2&p=1
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4614779c5982b7cb716f9fc95aa3df60e2d14e5446ff73d29bf9c9ce20ba0e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcmRt4lv5OWoqbWzVYg%2FBjfpgb8jTZ0%2B6dVS6uT7wWVthlO9kFaECWKY7DIOhrSDPOA4OX1MJav%2B3sieLp0MEWKcrVJzcV2B8ENWLYXlBJZ75wa8MvWQYPGSGLeuSjryDCivD0tg0llodrxWfX1KEKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6ed870a08e845a13-MXP
getData.php
www.threatminer.org/ 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/getData.php?e=subdomains_container&q=ip.acc.sogou.com&t=0&rt=10&p=1
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMdk9Ry4yt6kqzMcAts%2F0QPY5nMGzOcUhnZuN2A2nGQrbihXYZ4s6tUiCriERfS%2FHpvBRW5Sa9Mai2rJZbwzjb%2FhasCVZTdbovAU7%2BAduhXofhbyWZrmLM%2FBf22BDzWCCWRl8jHb9iHu0h1rhMiJycU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6ed870a08e885a13-MXP
getReport.php
www.threatminer.org/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.threatminer.org/getReport.php?e=notes_container&t=2&q=ip.acc.sogou.com
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un5mcv3jIY1byEtPwt1zHPuCRg4wKJR11MgXn9yz%2Fj6pwfPsTZYmLGDU6KWAYteEzBCJfO0hn57X7IknNijrPguFWSXmweyuzP69WphdpeS1EMsEqMtdVEPfdFCAqk8MCGBRDTnSKoNSRLu41L2qae4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6ed870a08e8b5a13-MXP
ice.js
resources.infolinks.com/js/1792.015-3.025/ 		178 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1792.015-3.025/ice.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9471e9177ce537f29c9c30140634c74d742c946227c4879715999bdb4062526

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6ed870a07bf46937-FRA
date
Thu, 17 Mar 2022 20:22:18 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 09 Mar 2022 15:06:58 GMT
server
cloudflare
age
3749
etag
W/"2c658-5d9ca72e8df17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 16 Apr 2022 19:19:49 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		294 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108579
x-xss-protection
0
server
cafe
etag
4861168965344539476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 20:22:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 8C7A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 21:08:05 GMT
expires
Wed, 30 Mar 2022 21:08:05 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
83654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=009665096751685288782:o6_z_tmwsge
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
06a9d6e3450dcfb31f019e9f27dc4e9a84a51f65129a6cb79aabaa73f2964aaf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3491
x-xss-protection
0
server
gws
expires
Thu, 17 Mar 2022 20:22:19 GMT
lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 23:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8628912
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26065
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 07 Dec 2021 22:32:35 GMT
server
nginx
etag
"61afe103-65d1"
content-type
text/css; charset=utf-8
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
expires
Wed, 07 Dec 2022 23:27:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
Yo68TuIJd5ERL6g2lHsWMo1rt_gPDCG6yT-ndGsmoQ98qdm--Jyh9Q==
x-cache-hits
0
common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 22:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
684329
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94746
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 09 Mar 2022 21:55:40 GMT
server
nginx
etag
"6229225c-1721a"
content-type
application/javascript; charset=utf-8
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
expires
Thu, 09 Mar 2023 22:16:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
mXQTaeEMFtojY8SwNXIg6dLz9uJphLpQ6Iq1PeiUpIgPsgDTP-vBUQ==
x-cache-hits
0
lounge.bundle.8a051c75736795faf464e93aee7362f6.js
c.disquscdn.com/next/embed/ 		0
121 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.8a051c75736795faf464e93aee7362f6.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 18:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
610663
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123077
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 10 Mar 2022 18:35:58 GMT
server
nginx
etag
"622a450e-1e0c5"
content-type
application/javascript; charset=utf-8
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
expires
Fri, 10 Mar 2023 18:44:36 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
CMtIydWugWbBF2tLBIOyP_4V_FDjZHLXVEK3Q23DPS7wFKYBEuYFJA==
x-cache-hits
0
config.js
disqus.com/next/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
47
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
14710
X-XSS-Protection
1; mode=block
h.04.com.sogou.acc.ip.js
thmirt.robtex.com/js/getf5r/z3/ 		277 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getf5r/z3/h.04.com.sogou.acc.ip.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6eddcecb4bbafa0f7ab8725eec96c2ea10d00c5633077d997b013819a7c150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.144721144 0.144465696
content-type
application/javascript; charset=utf-8
x-lb
p=8010
server-timing
ttfblb;dur=154
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYJf6t0RQQhqGPr8lEdftMbzxjm6dh8qz1xduzrbR3H%2BlD9XiW9a24eqk%2BdY9LYNNnLvomxC7%2BQ0yKO2lYxE6R36wGHgLOTe3QQfkjIBvb9Ryg%2FAgQfNWUt4k58xEPLtN2qNiDC9pJY959AzQVuZ"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fb55a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
h.02.com.sogou.js
thmirt.robtex.com/js/getf5r/z3/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getf5r/z3/h.02.com.sogou.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6932c36e60e2d933e97f80d85fda7ad93734466fc4147936af9c7275c2ecb964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.380366019 0.380092185
content-type
application/javascript; charset=utf-8
x-lb
p=8012
server-timing
ttfblb;dur=389
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt51aHHnplzFce%2BEmQm%2BPpy5Y76uVxUQscKH3EXYk3zYdAUP53gWNhnkueGKbKxNbfR2Cq%2FRrWdqfOKKesi7vrARFqx9l317WjprHc7e8ioaPvC2bTqkRxtIBCjIdJoguN8tRrvH1JuIP8L8wKhS"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fc55a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/u.03.com.sogou.acc/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/u.03.com.sogou.acc/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43a2158bf0871af3ef7eb75193622f7a7ca5094f7442492076efc932385ae93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.28844499 0.288167113
content-type
application/javascript; charset=utf-8
x-lb
p=8005
server-timing
ttfblb;dur=298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNXdPX0%2FwFm3vrgKPiOvv3bLbb2XvKZSvUnUHopc80NyUIf0mgLIIvxUb7hvs2dwKP6gpOPqZ8h7h4FgcVsogjcSo4kslM%2F%2FLX9vQGmccbUixf3x%2BMoKLgfSpFMYlU1ndp79StEVd9ww%2FrfBflD6"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fad5a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/v.03.com.sogou.acc/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/v.03.com.sogou.acc/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7972bb5fed2e53f0b4f856eff2caa7f838d4ae4ae45f5c0b05acb596106e62e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.144413077 0.144201108
content-type
application/javascript; charset=utf-8
x-lb
p=8010
server-timing
ttfblb;dur=155
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmB1RTGHMNQ7VK%2BRvrYbpcYpUy%2BElMdWqGwjjMojb1Q64tnQoE592uClgmxNX2m3%2Bwnr6VQbPEM66RmkVZ8ZkVoJLK4Whl4TTTae6GziPuiYYmaLBwJLxdENi21vDnUcV52OLkrCgnNOrZVsA4ac"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fb25a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/u.04.com.sogou.acc.ip/ 		170 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/u.04.com.sogou.acc.ip/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4256129f0f6f5ce7591cdd0fba3d4bd50b4a22000e4241b91df545a3ca832de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.219856794 0.219594254
content-type
application/javascript; charset=utf-8
x-lb
p=8012
server-timing
ttfblb;dur=247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf86WAZ42CNevGqnaxMrEQmMj%2Fd2UGcbzsfA6AmXUWf9hcXFFgmEAEv37FFim3K2AJj69YJSO2IgK3IgVSZCxDYllE2wJH%2Fma9LpdLUku9Yb5bLQJy3ea%2Bo%2BytKirhHlNwpxBK0%2B7TpcY%2FPzyfkC"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fb95a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/v.04.com.sogou.acc.ip/ 		170 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/v.04.com.sogou.acc.ip/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b472effea64db0364e2b35128780d85809cbc3db371da775b30ebf39f36942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.143289699 0.143026804
content-type
application/javascript; charset=utf-8
x-lb
p=8015
server-timing
ttfblb;dur=151
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHWo3LdkU1K0I2ByKnqcHKCbJCSmPbZfijvw4hB88Ez%2FpTVVhrgz9Ma6c6Ab%2BvFr6BkzwADLWSZPbr%2FKravpmY7pP9UFOJTAhsLjJhhk8eLJ%2BAMR6xVUaR1pcbgK94%2Fvj5zdwk%2FgqhEO199wd6Me"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fc15a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/h.04.com.sogou.acc.ip/ 		170 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/h.04.com.sogou.acc.ip/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98661a1702a0761f9029a99c5a4eb769ecf67b178194cf7ea53440b0a2f7d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.14329994 0.143023982
content-type
application/javascript; charset=utf-8
x-lb
p=8008
server-timing
ttfblb;dur=152
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjgV%2FFCcmWr%2BfLqxt5hTsLMCCM22dDEWKJ%2BNJTfWs4WpXVRRRFryGhMKk1hQUVSzQRU%2FOGmhBXYhRIpnWth%2FQ233EbLGUG4q6eqwzCcOPbzjjfpPkbe7dfQwhvhHb9aOlPdls11GI7yxEVMkR6Fc"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a14fbc5a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 2330 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.threatminer.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
164807
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Mar 2022 20:22:19 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE2)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
cookie.js
partner.googleadservices.com/gampad/ 		219 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.threatminer.org&callback=_gfp_s_&client=ca-pub-5720763271532377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2a37c46bd603e9a0f81f59395f9e50c1318510b0b23c0ccee5f223bc45426f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 855B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
993c8a53d1040a237c948ec523eff3228e955b1b5b8cb9d681275db84e4ff9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9629
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
manage
router.infolinks.com/usync/ Frame 233F 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e85c0bdb3b49928c61a8f5293aa809265d6c434596cac469973f04c6ba6a47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ed870a1de516937-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ed870a1de546937-FRA
content-length
0
gsd
router.infolinks.com/ 		317 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&jsv=1792.015-3.025&_cb=16475485391610
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069d7a7c226fdef601e182e031dcfb8ab175516f08f4f57ca7994d2b5f832e17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6ed870a1de566937-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5D21 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e76994cdf238bb46382a21798ab6ddc56d9b81036aeff185ec5abd05b022534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
/
disqus.com/embed/comments/ Frame 2950 		0
0
/
tempest.services.disqus.com/ads-iframe/taboola/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=threatminer&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&typeface=sans-serif&disqus_version=current
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
409eb4ef2adc01fba3fdd832fb60ba61aa321afc458e87cb97d62aded47f59e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding,
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router
Connection
keep-alive
Content-Length
9436
Cross-Origin-Resource-Policy
cross-origin
/
tempest.services.disqus.com/ads-iframe/taboola/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=threatminer&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&typeface=sans-serif&disqus_version=current
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
80d626edf52f23fc063b973fb3111d98580d855f37559188e2663313e9096eb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding,
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router
Connection
keep-alive
Content-Length
9438
Cross-Origin-Resource-Policy
cross-origin
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=6visu8p1nvuuth&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=threatminer&zone=thread&version=4c17dbce49f331e55ae0e3654575eb6a&page_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=5993718
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=6visu8p1nvuuth&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=threatminer&zone=thread&version=4c17dbce49f331e55ae0e3654575eb6a&page_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=5993718
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
cse_element__en.js
www.google.com/cse/static/element/45f4e5efab1258be/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009665096751685288782:o6_z_tmwsge
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e6d43114b4187eb4c0f6550554d9b422eaad45083e345d1fa7b82dd6afcd24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102347
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 21:05:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 15 Mar 2023 18:10:49 GMT
default+en.css
www.google.com/cse/static/element/45f4e5efab1258be/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009665096751685288782:o6_z_tmwsge
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 21:05:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 15 Mar 2023 18:10:49 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009665096751685288782:o6_z_tmwsge
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Mar 2022 20:27:33 GMT
settings
syndication.twitter.com/ Frame 2330 		367 B
502 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=9470d706437c597c8db19fc2509672a701c49b3e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.threatminer.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
1563b4b7778cd83abd36fe33c751c32d18533abb40905f99aca22f64a70df50c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
109
date
Thu, 17 Mar 2022 20:22:18 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
311d6b0604196a2bd8b11a75531159ff7c1f7deb25d6995f90854104f78f5a75
content-length
221
ads
googleads.g.doubleclick.net/pagead/ Frame 68F5 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d9adcc73cef40732463f1c6ab33ce335c7beee66ce9bb5764780589855fa4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame ADAE 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6940807517bf847d57693f5a8b6ded4ea1af361577ea7588fc3b4a16f642718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9637
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 003D 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dac0b828b21f4627c577dfca268046e050a2bb8bfc720184e1acbebca2b7359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9736
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C393 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18f50752d3665f518947dbb033aeb83022d915c0625810db4d78c1e4cad76a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9747
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 899E 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
416bc73dbcb17fc757737c91e3d8211b11078dc48293ef79bc71d2eab2641620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9726
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
async-ads.js
cse.google.com/adsense/search/ 		136 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8707f99ef38099b16c6a88670622fec80bc7cdc84e221589ccad804df715320b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"10075315803862351829"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:46:24 GMT
x-content-type-options
nosniff
age
138955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 16 Mar 2023 05:46:24 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 12:42:20 GMT
x-content-type-options
nosniff
age
459599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 12 Mar 2023 12:42:20 GMT
v1
cse.google.com/cse/element/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/element/v1?rsz=5&num=5&hl=en&source=gcsc&gss=.com&cselibv=45f4e5efab1258be&cx=009665096751685288782:o6_z_tmwsge&q=ip.acc.sogou.com&safe=off&cse_tok=AJvRUv1CkitDCWRQIp8u3UI4uHOH:1647548539049&filter=0&sort=&exp=csqr,cc&callback=google.search.cse.api18882
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffe389096d941ff15747566b452237dac4e95277fea7273ba67d74f93c74e93d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport, script-src 'report-sample' 'nonce-WuTACovyJyrOPocn8KeniQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'nonce-WuTACovyJyrOPocn8KeniQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport, script-src 'report-sample' 'nonce-WuTACovyJyrOPocn8KeniQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'nonce-WuTACovyJyrOPocn8KeniQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
www.googleapis.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 43D8 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
164c27d4eda016f39091f2d7b7ec30062e06597f874bb7a2a702b71f01d1dae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9748
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
doq.htm
rt3024.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3024.infolinks.com/action/doq.htm?pcode=utf-8&r=16475485393091
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ca0c97f439b00b185eb7d8ea5a9000e8b10d70d52c861737aca278c81cbb47

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://www.threatminer.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6ed870a2ec9a916b-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2826 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37b932f974f5a3531df146c536ff8fac7d8d76c2c4256f5877ce6c2a0d126186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
9658
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&tn=DIV&id=privacy_notice&cls=alert%20alert-info%20alert-dismissable%20bottom_popup&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0C13 		58 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1647548539&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538989&bpp=1&bdt=449&idt=333&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&nras=1&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=10&uci=a!a&fsb=1&dtd=340
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f919207358c1fe8c8de70517a8b312285a2dd3b1ef7132c0002f1a73a0ebd41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
cafe
content-length
16634
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private
/
de.tynt.com/deb/ Frame 8819 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Fri, 18 Mar 2022 20:22:19 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1aca09ecba6cc08b977ccc20f2d105095aa5ce740479721bb2de04959607fe8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|10|17|4|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 17 Mar 2022 20:22:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Content-Length
1634
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 17 Mar 2022 20:22:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 7118 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
check
pixel.tapad.com/idsync/ex/receive/ Frame 233F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDY1MjZFMUEtMkEwNS00NjdELUFFNEQtN0JFMTJCMUMwOERD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DD6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://router.infolinks.com/dyn/pbm-usync?uid=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:24 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
date
Thu, 17 Mar 2022 20:22:24 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
apn-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=6670387150791064016
35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=6670387150791064016
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a3488b6937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:19 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1485ae7e-e80d-4ba7-8d70-240729489507
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=6670387150791064016
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 233F 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-hySLVRJE2uEYbL_0L1.ekD8EhUKMHj3GXXvKrzo-~A
35 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-hySLVRJE2uEYbL_0L1.ekD8EhUKMHj3GXXvKrzo-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a8d9a66937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:20 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-hySLVRJE2uEYbL_0L1.ekD8EhUKMHj3GXXvKrzo-~A
date
Thu, 17 Mar 2022 20:22:20 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1647548539385
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=229067797
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=229067797
  • https://sync.1rx.io/usersync/tradedesk/a378dff8-b7a6-4ce2-ae34-61798a73e832
  • https://sync.targeting.unrulymedia.com/csync/RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
35 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a6be1c6937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:20 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4dacb8ab8728409c9d1dd87ac35c6778003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store
cf-ray
6ed870a5cc9d6937-FRA
content-length
35

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 233F 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 233F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.threatminer.org%252Fdomain.php%253Fq%253Dip.acc.sogou.com&pid=12306&adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252Fdomain.php%25253Fq%25253Dip.acc.sogou.com%26pid%3D12306%26adnxs_u...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&pid=12306&adnxs_uid=6670387150791064016
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&pid=12306&adnxs_uid=6670387150791064016
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Server
34.250.1.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-1-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 17 Mar 2022 20:22:19 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2c60837-244f-4f83-b91d-4df1a65529ad
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&pid=12306&adnxs_uid=6670387150791064016
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 233F 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
imd-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=3c428a9d-5413-49a9-bf5c-63d877debea1&partner_id=1531
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=3c428a9d-5413-49a9-bf5c-63d877debea1&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a4cb166937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:19 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=3c428a9d-5413-49a9-bf5c-63d877debea1&partner_id=1531
date
Thu, 17 Mar 2022 20:22:19 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf1ed09f4-a62f-11ec-a432-06bfa37d4102&verify=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-U6PqO9VE2uGoPQ3ZERWsMtTi8VUMNuW4~A~UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-U6PqO9VE2uGoPQ3ZERWsMtTi8VUMNuW4~A~UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a8d9986937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:20 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-U6PqO9VE2uGoPQ3ZERWsMtTi8VUMNuW4~A~UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
date
Thu, 17 Mar 2022 20:22:20 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame 233F
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25
  • https://match.bnmla.com/usersync?dspid=1&uuid=tMBCGMuFEACK&ev=1&us_privacy=${us_privacy}&pid=558752
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?dspid=1&uuid=tMBCGMuFEACK&ev=1&us_privacy=${us_privacy}&pid=558752
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://match.bnmla.com/usersync?dspid=1&uuid=tMBCGMuFEACK&ev=1&us_privacy=${us_privacy}&pid=558752
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-tx27z
expires
-1
pixel
ap.lijit.com/ Frame 233F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Mar 2022 20:22:19 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
check
pixel.tapad.com/idsync/ex/receive/ Frame 233F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODczNkREQzctNzUwQi00Njg5LThFN0ItNDQ4REEwQ0EyQzhC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DD6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://router.infolinks.com/dyn/pbm-usync?uid=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:24 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
date
Thu, 17 Mar 2022 20:22:24 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
zeta-usync
router.infolinks.com/dyn/ Frame 233F
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5108559722787900809
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5108559722787900809
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a5dcac6937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:19 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5108559722787900809
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
oRTB
sync.inmobi.com/ Frame 233F 		0
0
/
ssc-cms.33across.com/ps/ Frame 233F 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 17 Mar 2022 20:22:21 GMT
server
33XP002
iq-usync
router.infolinks.com/dyn/ Frame 233F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ed870a67dc06937-FRA
content-length
0
ads
cse.google.com/cse_v2/ Frame 2CB8 		721 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse_v2/ads?adsafe=low&pcsa=true&cx=009665096751685288782%3Ao6_z_tmwsge&client=google-coop&q=ip.acc.sogou.com&r=m&hl=en&type=0&oe=UTF-8&ie=UTF-8&fexp=20606%2C17300842%2C17300948%2C17300950&format=p4&ad=p4&nocache=6691647548539343&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1647548539344&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4198&frm=0&uio=-&qup=1&jsid=csa&jsv=12411&rurl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1
Requested by
Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
0ec2b0b4c13e431046ac9342f7b2b974e2b9fb23cc6828d557a8c0a7d4da20ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=UTF-8
content-encoding
br
date
Thu, 17 Mar 2022 20:22:19 GMT
server
gws
content-length
402
x-xss-protection
0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 20:22:19 GMT
taboola
reporting.services.disqus.com/_log/ Frame A1CC 		0
0
loader.js
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame A1CC 		243 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7dcd35efcb5bf6fb34c1bba60eb620b0512abf4adc40c32e1637b603c370ed1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
E2dtTNuZ7c.XAfi8.BD2zbCVT2JNIvkY
content-encoding
gzip
etag
"9afb18e4515c7d64ea8d193baf056dc8"
age
23
x-cache
HIT
content-length
39711
x-amz-id-2
B6a2GzJIyjPWdhslg8PD3f3k44jHULci3xY9rIYuMzINYUAYhaaX75hoWYntC4CxSi7gytqe0wE=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 10:35:20 GMT
server
AmazonS3
x-timer
S1647548539.393381,VS0,VE1
date
Thu, 17 Mar 2022 20:22:19 GMT
vary
Accept-Encoding
x-amz-request-id
6Z0SFCQWMP2RCC64
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
1
taboola
reporting.services.disqus.com/_log/ Frame 7E0E 		0
0
loader.js
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 7E0E 		243 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7dcd35efcb5bf6fb34c1bba60eb620b0512abf4adc40c32e1637b603c370ed1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
E2dtTNuZ7c.XAfi8.BD2zbCVT2JNIvkY
content-encoding
gzip
etag
"9afb18e4515c7d64ea8d193baf056dc8"
age
23
x-cache
HIT
content-length
39711
x-amz-id-2
B6a2GzJIyjPWdhslg8PD3f3k44jHULci3xY9rIYuMzINYUAYhaaX75hoWYntC4CxSi7gytqe0wE=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 10:35:20 GMT
server
AmazonS3
x-timer
S1647548539.393442,VS0,VE1
date
Thu, 17 Mar 2022 20:22:19 GMT
vary
Accept-Encoding
x-amz-request-id
6Z0SFCQWMP2RCC64
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
2
n.04040404.js
thmirt.robtex.com/js/getf5r/z3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getf5r/z3/n.04040404.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfc71befcb3837ba46791d046bcede913a5df4fe1e9ae086eff502b1b1fdf73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.568936642 0.568668271
content-type
application/javascript; charset=utf-8
x-lb
p=8004
server-timing
ttfblb;dur=577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGtrEc3TOrW28KlNQIvCMQqXvEywdiDQbNDGv0GuTyjiEgGagzHxK%2FtNqDK6v82xKcbQQzfAAgpZd0Wc7RX3Fjs6A%2BA%2FcdWoho10C6bZrKvMaDQ67NGO%2BNI1F73oUpdaqglSjKNR3hxLDiwwfrzS"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a31d035a43-MXP
expires
Thu, 24 Mar 2022 20:22:20 GMT
1231908023.js
thmirt.robtex.com/js/getr6/z3/n.04040404/ 		93 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getr6/z3/n.04040404/1231908023.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f8a853b24b8f63be958490ca3df93c07e949cc017849d55aa70660d501eae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.93038008 0.930057735
content-type
application/javascript; charset=utf-8
x-lb
p=8012
server-timing
ttfblb;dur=958
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmBnUHqIdrEMriC5MIDHMCXUVylOD5PpBUdsjpQUeL%2FvzZZ47kOFlEAYynNr%2FAJe8fByFAqB2eT36L5LkLLIFkxp5%2B1I6YoZtVFyyslLtkLLw7oKErNb%2Bc%2FRg%2FtJwAT5%2BHRVI0f7bwk8yTYhZ88Y"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a31d065a43-MXP
expires
Thu, 24 Mar 2022 20:22:20 GMT
n.04040404.js
thmirt.robtex.com/js/getipinfo/z4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thmirt.robtex.com/js/getipinfo/z4/n.04040404.js
Requested by
Host: thmirt.robtex.com
URL: https://thmirt.robtex.com/thmirt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12fb1782d155950b8d171ad1c7284fa17537a6e59874a1588208e1dd3578e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rt-time
0.286320172 0.286054122
content-type
application/javascript; charset=utf-8
x-lb
p=8008
server-timing
ttfblb;dur=295
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 20:22:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xLp69U%2B6kgFDe1GpwEBCVMrdLwxq8zd9ye%2BP6IVzuMj2tXME1Ma09GtZ3AVhx6NPlIV39go7Gy0Q%2Fhbo9j6wWKrrVfRR7lbgy2V30FHhlHTcKomb9Ie9CAHuOuDZv1QMxh5UTrdikjoDytpIiAU"}],"group":"cf-nel","max_age":604800}
content-language
en-US
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6ed870a31d085a43-MXP
expires
Thu, 24 Mar 2022 20:22:19 GMT
moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
platform.twitter.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
Content-Encoding
gzip
Age
164808
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
8012
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (mil/6CE7)
Etag
"3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.34cf38a85ac899f1d6a0438a1659decc.js
platform.twitter.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:19 GMT
Content-Encoding
gzip
Age
164802
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
6444
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (mil/6CE8)
Etag
"0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 855B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:21:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 855B 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 855B 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:59:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 855B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6atWe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOUBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB0RaBBSqILDt83NTbUSoGjvvXZEDshLQ_mrd4xBNSkdWzcq6QMCUIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTcyMDc2MzI3MTUzMjM3NxgA&sigh=Dx59yiGV03o&uach_m=[UACH]&cid=CAQSGwCNIrLMGzqxr8FNjaNXXTQG9vwyZ2P9DYx8wRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 17 Mar 2022 20:22:19 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 855B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RKsC-gGdg2ICAgAAAGiZrHMtyRwA20PW8BB7mDNiJ6aOn-wWdma3qz8AEg&wp=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
server-processing-duration-in-ticks
261426
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8F5A 		161 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=3&psa=0&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538966&bpp=3&bdt=426&idt=137&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&correlator=4830888718068&frm=20&pv=2&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aBaSKfZ2Hs&p=https%3A//www.threatminer.org&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a57d41331f8198228de9a87cbd9f10ec69b093cd5e1a33c7e0b99a26bf53c71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ObuEU38m309QXgpd341nvFJRlpkAZ0WQxR_jhhrjxrJB33RG4HlScd2cpL2B4G8uQPlsQmxXHjAZbthL7iBDtpegP0oidvSezChsAbiaSSQevJK-rON4nCAHJbu3LDGblkw6Ayk0q2xy47iIrX0ERxhZ2AubtVkITHqSY0uM7eotVcOd5052qXw4Ji1wVELedhkZy7W_SztOIbsHV2XNh4KBqNofi2b77fXN3pmN54xQyeg3PXjSsdsUD1TgeNvo3Rg5TQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
143457715
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
impl.20220317-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame A1CC 		621 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e6be931bf378ce9f5189085025e8fafa2af4b97d9a5a6302f38580eb3018237b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PzdBuiKIcDpNOBMu3tVuMmAkQzAH0_fZ
content-encoding
br
etag
"884bbd8083b9c712dd4b7bca8879ef99"
age
8263
x-cache
HIT
content-length
131312
x-amz-id-2
T2NhF9fa04B1R2I/fEkpUUA+rGZfq2LjkUltUMx2qhZ0XZ4LySu41IfPEZB0W+Y67MlvpNh+XSo=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 10:03:40 GMT
server
AmazonS3-br
x-timer
S1647548539.422954,VS0,VE0
date
Thu, 17 Mar 2022 20:22:19 GMT
vary
Accept-Encoding
x-amz-request-id
KHYAD8CEYB0RTCSJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
9930
beacon.js
sb.scorecardresearch.com/ Frame A1CC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:28:15 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
42844
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
VVCg6EXF5G1H90KnxAj9apQdMpz-wRpbukRL-oTlZ9NExdwTb151_Q==
impl.20220317-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame 7E0E 		621 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e6be931bf378ce9f5189085025e8fafa2af4b97d9a5a6302f38580eb3018237b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PzdBuiKIcDpNOBMu3tVuMmAkQzAH0_fZ
content-encoding
br
etag
"884bbd8083b9c712dd4b7bca8879ef99"
age
8263
x-cache
HIT
content-length
131312
x-amz-id-2
T2NhF9fa04B1R2I/fEkpUUA+rGZfq2LjkUltUMx2qhZ0XZ4LySu41IfPEZB0W+Y67MlvpNh+XSo=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 10:03:40 GMT
server
AmazonS3-br
x-timer
S1647548539.455928,VS0,VE0
date
Thu, 17 Mar 2022 20:22:19 GMT
vary
Accept-Encoding
x-amz-request-id
KHYAD8CEYB0RTCSJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
9931
beacon.js
sb.scorecardresearch.com/ Frame 7E0E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:28:15 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
42844
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
1aoNTJsNyQnjNpa5XlhIP1tTMIv3TvjXCvwU09leogn3g8Ff7-4i-Q==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 5D21 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D21 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 5D21 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
async-ads.js
cse.google.com/adsense/search/ Frame 2CB8 		136 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js?pac=0
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse_v2/ads?adsafe=low&pcsa=true&cx=009665096751685288782%3Ao6_z_tmwsge&client=google-coop&q=ip.acc.sogou.com&r=m&hl=en&type=0&oe=UTF-8&ie=UTF-8&fexp=20606%2C17300842%2C17300948%2C17300950&format=p4&ad=p4&nocache=6691647548539343&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1647548539344&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4198&frm=0&uio=-&qup=1&jsid=csa&jsv=12411&rurl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26b455d05301acda19c24cf35fa5aec0945bf50244421d00678502a785d33393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cse.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"12222482082425325471"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame ADAE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame ADAE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADAE 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5D21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C37WQe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOQBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwu2P0hgVex0hsSaMWsFPmNH2NkXoW5TGLb5yfdtvN30ZAxYkfmqG1gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=DhJVyj1qy0U&uach_m=[UACH]&cid=CAQSGwCNIrLM71Jo2xO0onBLS2i5K2hsX8B8AUeZZhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5D21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RKsC2ASdg2ICAgAAABTIQWcsOCjf20PW8BB6mDNir0GU8WR6NFI_5ogAEg&wp=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
server
Kestrel
server-processing-duration-in-ticks
287666
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame B6C6 		186 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1647548539&rafmt=1&psa=0&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538969&bpp=1&bdt=428&idt=211&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QIRl9h6rff&p=https%3A//www.threatminer.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43e0665e9c7adf39a3e9f9f74d045ce68b0df805abf892beae3c34f84e184b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zxYkBH8m309QXgpd0RRaYyae52bcYI7fovUwOgbiwloIx9nmthzS7p-tHXev5NHOPxPxaknuaH5ZQmnMvi509Bt3S83ACzcUf_UYwL-zhMd0J_J19UtjpJm6hZJXM_3wfE3LfP4ZlN0RNyzCdQyIKqa6FSkDC3Wbwr-PLs4yjwCK7StS6mSSJ5HCq3HPYUBW6NbzD_GUY6qe1yvJVCLec7bWSKbXXi2kJfte7buQPtdDqgdgYXGhZOPdmhbj7roi5YSfvg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
155955866
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame ADAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpaQwe5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTsAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMaMxNbBebAwoLsLkiGGk3bWpRxGhzreETVe5nSUqV8qVQ5eekCo6gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=T9lzlnOJMdc&uach_m=[UACH]&cid=CAQSGwCNIrLMYNeVVKSHj-7xLSG2pBnYSNH5ivgXGhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame ADAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RLAJyAGdg2ICAgAAAGHaW4uhS-fz20PW8BB6mDNi0VZ1qX418QiFgu0AEg&wp=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
server
Kestrel
server-processing-duration-in-ticks
257831
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9189 		179 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=1896753424&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=261&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dYfuRtYqdc&p=https%3A//www.threatminer.org&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7c6b011a23469d32abd42a2e44769f5ec9659aa09d6b3489ec35f2a8d6e8f452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zcw2VX8m309QXgpdxHUVKBKNIX29yjnmn3ICS-ynHmDAk0eAcxQfE1C-8PkGGXe8SzWfFiKXlbRZXiw5cMYUmEkYmVhoBFa10m7ymhnulYB_Z2QhBsMQg1raMWo_wkXM29aIM3hAec7Kl-Mk3KOseUHIyzCL9Jh2X7VaiBf9oYUGtMIG3aGN7B7yHIhuWhoJ5d44qMywo3R9WFdqUY0oKu1QdZeWjeSsbmB0miHt0_rRnEtrNaER9otUQ_ASpTdCSLRrzw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
154878773
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 68F5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68F5 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 68F5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
casale
match.adsrvr.org/track/cmf/ Frame 148E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 148E 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 148E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PHRCY4YA5XF7ZC50AM28
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H3JABEV5B06ZXSXJY59Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjOYe9vPjP40KnObWOFA3gAABH4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjOYe9vPjP40KnObWOFA3gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFIKqsyw-ViXLDdaRXZ550M&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFIKqsyw-ViXLDdaRXZ550M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 20:22:19 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFIKqsyw-ViXLDdaRXZ550M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656686392351
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656686392351
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 20:22:19 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=656686392351
crum
dsum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 17 Mar 2022 20:22:19 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8186704334279025973
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8186704334279025973
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 20:22:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8186704334279025973
pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 148E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ab5bd1b-95ca-4b1b-813a-649282fb6ec1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ab5bd1b-95ca-4b1b-813a-649282fb6ec1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 20:22:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 20:22:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ab5bd1b-95ca-4b1b-813a-649282fb6ec1
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Apache-Coyote/1.1
content-length
0
ix-usync
router.infolinks.com/dyn/ Frame 148E 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YjOYe9vPjP40KnObWOFA3gAA%261150
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ed870a46a726937-FRA
content-length
35
expires
Wed, 17 Mar 2021 20:22:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 68F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cmk4be5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOYBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5JwnXMIE07xbVzO60DKMN1Fezbz7dSZX93jluDcow1V8VMiulIywySABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU3MjA3NjMyNzE1MzIzNzcYAA&sigh=C6Krp38zkFs&uach_m=[UACH]&cid=CAQSGwCNIrLMylUPGZbQANG7GzWIXMN8nxc2S_Op6BgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 68F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RJ4JyAGdg2ICAgAAABiz03FandQg20PW8BB6mDNizPRKk1OVn5LmMZcAEg&wp=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
server
Kestrel
server-processing-duration-in-ticks
225644
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame C318 		179 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538970&bpp=1&bdt=430&idt=252&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QlNNHv7nVl&p=https%3A//www.threatminer.org&dtd=258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0684503231b8f925a2059184197b1a447f90392494b96b2b02d6c07cc89f62a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MDOf038m309QXgpdyS3GAEgsl-WdJt36C2y0xnxDDG8GFwTQuIkcdB_qz1MYqpcnsJ-FgdAt7pIHGwJqYF1gjZZdJReZyyC-c4vJugZD818WLenON_MnqXJz9AV7RIKNSkFZ_aDNwIgvNcRy-zRzO9VBpx6xI3ub6vtINQdKvHIDuec8wUQxXctbZ1iGVqRDSSsF5bs-dU1P-WysIvVyAQhJoqV3Y9rXdHoG3DIvtiUbKe98vGHF6N7IC3g3DbGMALka_g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
159965327
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
json
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame A1CC 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=20%3A22%3A19.559&lti=deflated&data=%7B%22id%22%3A552%2C%22ii%22%3A%22%2Fdomain.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1647513240613%2C%22vi%22%3A1647548539558%2C%22cv%22%3A%2220220317-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%22%2C%22vpi%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%22%2C%22e%22%3A%22https%3A%2F%2Fwww.threatminer.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1208%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A1208%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fq%3Dip.acc.sogou.com%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93117c9749f75b309c1f4614c4bc15a612480d393aaf2f5d6647ba5098ea79fd

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
422
date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
server
nginx
x-timer
S1647548540.576900,VS0,VE422
x-served-by
cache-hhn4081-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.threatminer.org
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
in_search.js
resources.infolinks.com/js/1792.015-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1792.015-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6ed870a46a736937-FRA
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 09 Mar 2022 15:06:58 GMT
server
cloudflare
age
3185
etag
W/"1eb7c-5d9ca72e8df17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 16 Apr 2022 19:29:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126232
x-xss-protection
0
expires
Thu, 17 Mar 2022 20:22:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 43D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43D8 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 43D8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
l
www.google.com/ads/measurement/ Frame 43D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWN3gc657231wckvIzrHFpkx66cer18NrAMRTKhQ-MunG0QaacFenZ8efLhuFBASsz4fQU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 003D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 003D 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 003D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
l
www.google.com/ads/measurement/ Frame 003D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRous3vISOzsF2pWKL2HmSWV1RMGiIYoC4g0A2CfXM7UjslFkbd52Pc_6ed3-nb8ZYICCZj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
b2
sb.scorecardresearch.com/ Frame A1CC
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
GGio72PVyQjeRpidgfNbvh93gaOj2TOh7FQRPYljKLFz-_zS-1T-oA==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539638&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
content-length
206
x-amz-cf-id
AiH7cc56Bp4isD1bR5KC1-3l-y2mYsb39g3vRQTeMEbXXkMRfo0X_A==
b2
sb.scorecardresearch.com/ Frame 7E0E
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
bT5ACg1KBy7j_scY5wMZHNQ5VE4HjYIGgaB6xZJR4YtTW3vTZqzi9A==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647548539639&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&c9=
content-length
206
x-amz-cf-id
y5QwtahHiEaqasFO0bKaY9N76-rm-22EEs5zmUP_497d1t81sQwsQA==
adview
googleads.g.doubleclick.net/pagead/ Frame 43D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cq6Aie5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE6wFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVKykgzKFxkKbW87gEXB16_7SVx28lwQUpc0uvrxLBEaCuN1zzKn3gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=2iJkp-g8jSs&uach_m=[UACH]&cid=CAQSLQCNIrLMDUssNIcp4nwkCxyPIhkQ-ogge_bGES7P2dPWAucPJv728dp0WjJG8BgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 43D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RLAJyAGdg2ICAgAAACKVzDyJ5ugL20PW8BB7mDNiSzLlep5ZIft0824AEg&wp=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
server
Kestrel
server-processing-duration-in-ticks
284147
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame AD4C 		181 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1384012828&adk=4073000275&adf=2966224417&pi=t.ma~as.1384012828&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=316&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8XElJ5EE7k&p=https%3A//www.threatminer.org&dtd=318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
517565667bad60c17e3ba0452d6107d29e52e762cbf079171b8e92fde7ae5ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:18 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZTyM_n8m309QXgpddEDXZKTgYTVxGHGCFo58u56IZbrv1cMTdDWtVwv5TEH_7x_OHPBzv0uMkQ7v5koF8NSlcgkZKgVBIB76vrS00E_GVsLwlJWfXsYhKctAM1g1NnJwvMn41ESC5uzvIAm__xCk5Uywm-I_HDUtLBOLjo1VOWt07QaTEGVWgjpR9l-fW8hLlHrFvEK_yuj5PQuZH79MmhtKqVAEdvEyyh9eUI4ArN-NpX9Swjad23DajRPPkrYETun3Rw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
118947368
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame 003D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CA7nTe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE6wFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13PuBqFoJHEfbP0wbxh3KB7PpGhw5CcGcTNtE4nOIxB_VV47OUXvqgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=ZO4EDeobwa0&uach_m=[UACH]&cid=CAQSLQCNIrLMvN8n3Yk93BzVRC9HByYH-daFMFQ89cx5CkSeN9t8g5Fh6vReHOh8zxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 003D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RLAJyAGdg2ICAgAAAEfG3VuV4m3_20PW8BB6mDNiBlZu-vQGJyUaL9oAEg&wp=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
server-processing-duration-in-ticks
231288
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6051 		173 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6496738703&adk=1604286506&adf=3735847537&pi=t.ma~as.6496738703&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538971&bpp=1&bdt=431&idt=270&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=dH5x45j7ik&p=https%3A//www.threatminer.org&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2530adbc58d971474448b98ddb000140482318b1e9b0a9e477bcf8945b774b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=N6fIxX8m309QXgpdVjm3Rsyllzf2QZNL5WT8kWomWYT2mwi6CEHo3VrMjRRYOVgL6LQA4_a9eYDOAGQCrlpJO8tTqTGOyTKf0A9wOPiiujCwZKYfk0zauZOTO9C_k_ZtNwGzVYnr3KpPFEkXPE1iljoxETq6nxeQ73g1Y5IiDc8GIWVnillAaPgJh-WsfDNCwcKKDqMEAjp0dOnNNV_jSUjwM0bVGPz4lBEohH_Fm7m9cQHT26Lo_n7RnXF9YyfTAPOU3A"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
129150707
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
json
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 7E0E 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=20%3A22%3A19.683&lti=deflated&data=%7B%22id%22%3A603%2C%22ii%22%3A%22%2Fdomain.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1647513240613%2C%22vi%22%3A1647548539558%2C%22cv%22%3A%2220220317-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%22%2C%22vpi%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%22%2C%22e%22%3A%22https%3A%2F%2Fwww.threatminer.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1208%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A1208%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fq%3Dip.acc.sogou.com%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c17a7e8fe6d4f33b2b7fa71591f53652bdf8b4050c8690b6bd9d6cfccc1615c1

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
399
date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
server
nginx
x-timer
S1647548540.687520,VS0,VE399
x-served-by
cache-hhn4081-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.threatminer.org
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
profile
cdn.syndication.twimg.com/timeline/ 		170 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ThreatMiner_old&dnt=true&domain=www.threatminer.org&lang=en&screen_name=ThreatMiner&suppress_response_codes=true&t=1830609&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63FA) /
Resource Hash
68431248a86c06eb2ba054640f82dc9ce6ce49dc51e69b93953e6e495d2eac75
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
x-cache
HIT
content-disposition
attachment; filename=jsonp.jsonp
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=24
vary
Accept-Encoding
content-length
15470
x-xss-protection
0
x-response-time
305
last-modified
Thu, 17 Mar 2022 20:22:08 GMT
server
ECS (lhb/63FA)
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
expires
Thu, 17 Mar 2022 20:27:19 GMT
cache-control
must-revalidate, max-age=300
x-connection-hash
7a8123bb04f8d21f7c5cb4b344e6736b44aa80e22214899d4dd2e1a898f09b9f
accept-ranges
bytes
timing-allow-origin
*
x-transaction
053d67e915899d35
access-contol-allow-origin
platform.twitter.com
truncated
/ Frame 855B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14ad8a76fbc518f57f46d4f8d37c962ebc8776428773f9d613ee527fab472c17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5D21 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2af89ff604c533bf7fa3cbf966d13fcafb1a91504aa8fb15b6c3eba16ae2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ADAE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
512bb60b9981033c3ec382f732587c32daed1f292a67405c3d1f3ccf13312d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
getads.htm
rt3024.infolinks.com/action/ 		124 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3024.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22license%22%2C%22scs%22%3A%22R8YO2OcK9l%22%7D%5D&rid=66100d6c-c4ad-41da-90a6-de92edbc6bb2&jsv=1792.015-3.025&sr=1600X1200&rts=1647548539756&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=99.0.4844.51&dv=p&ce=t&purl=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&tzo=-0000&c=c&strg=true&rsd=38IlLYQTGJgLHRzopYzFwp4_qSr2o5JrkS4rT7K1Oo7AUbonBp4wRvo5MrH7NBB2EMu_FPSdtYSdoi4JjLHf87c_aCraDGrGjej2XeRUXhbHx8Y6_15D5hWSlLJOO-PhIZvS8LAo-YzJGD_0Tzv6neoPtp2e_B2T&rsk=62&rcs=sDnrczz1nXjOcq4IjTo-Tg&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c2468dff7ca5fad3ea942f4e1cfc98fb7a59bec121133725944bef4e81662e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6ed870a57c356937-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 68F5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
023532e7417dded0bfb0b9ad813c48bff31bd42373525e0eb24396d5e84c311f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4213007144c37c15898f6529d459f5ad73a6f9c8edb5cb2ad92a8323e722fc9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54936
x-xss-protection
0
server
cafe
etag
3295694844936372420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 20:22:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame C393 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C393 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame C393 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
l
www.google.com/ads/measurement/ Frame C393 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR22fzddzJiaWbTUdTDxYAHswXavCIkfREwD-Mps1cQYHw2sLxBf6GSSkibZ7PADMV7kQEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 899E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 899E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 899E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
l
www.google.com/ads/measurement/ Frame 899E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSH0YNl5seEa_ccinPqJ0XokNS47JNEslYLXg9HPLg29il7CzHe9PXlGBPno2sIpezn9sL9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
truncated
/ Frame 003D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35698eef2eae473ffa56ca2cdc91bd7715c0e1d3ddeabebeb6a261b626a82312

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 2826 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2826 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 2826 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1792.015-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6ed870a67dc76937-FRA
date
Thu, 17 Mar 2022 20:22:19 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:20:02 GMT
server
cloudflare
age
1657
etag
W/"5344d-5d6649709d511"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 16 Apr 2022 19:54:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8F5A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 8F5A 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8F5A 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
6XS8P4TjK_ccgzOLDI3o7FXsZgqjDxRhX-p4KisYEdHuPchl496pPQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 8F5A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=N8YHq6Igar3PdS5R9BM-mVDRxQV1_VymJyXxmZ9OjK9Obg2How5jHpjm3Hse_SZJC9fFbuJGx8rRxgJ8orvZkIx_0u_EMyCUJirX7D-0meS2NgXhWtTPxOYN9x-4F_ldh6zIh1bUBb1pEHld2NQPGChcJT9Rl_uWM-XeXj723n1yjbrxdWDbzRk8W8yZe9aw8OPfIToX69gXwx7X2Oqu-qSoIjSdlLm5S0mJj6sVjhEd1Zb5BpB9WIeRnC4nJ07fr2L97SkuoRIKOasUwbfw96SublcPqGycbtZBGB3XeP3UeUgZod1vMQa0ViRrUbPQtuhj6ug6pAjLrQZhTv5missr6V18oXOlLLN4vuoQS4BLEnkkUZbfRJkLOfT13MWCL4x9ylIyMclv7iN911DNdam-oJq00KLWksWW7yn3W_2kL-TMHDGInqaUtWzn6GqEp_kcTA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3733291
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9189 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9189 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9189 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 9189 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9189 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
ipcRGWZd67ACzrKgqVb56dvoImFsp66bWgMxZmmmsxEjauv4uLMKSQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 9189 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=u3OY16Igar3PdS5R9BM-mVDRxQVKp6zTKNaIpjhbPItmSI_1KlbMQY92myxxSCvRaCB7-wJbGQNwaaVskmiO2SPj7QTkSqzN3oi9EnHdf0PK8okS7Xnk9MhwJKGWQBixznvY4BBINIrgPB7t0BfWJnRK2Nzz1TxJ3FvE9Gcyx8tfPN9PFJlvqJT_-CeetW24tu3wb7Kx1-kRC-dYnJLpBJLwMcXfkK3bwdWDwLu64DnBWTFcAnsMiEoZdyxRU-oUcZGQRDx8uW5vimwTjn3t9c-j5GoU0vH9YQvsowxHXK3024-EG4G2340QrWZU1RJOJ-J5p6G7ThI4EquAkpRS6D6BsqHwr3wlAm1AJuFzxQTiZWy9ncDwgP44O5QLyv-oy2DY6yca6z80veF8IqODf5C5SHfg8Pp8HqYRc91nG6lGSs7ckq9zQsagWlb54CavKKJhwQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3215109
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame B6C6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B6C6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B6C6 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame B6C6 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame B6C6 		0
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548538
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
m2ZbzRRQNYQ4vxwVOwWnqvRKiU0mpk3xp71RZ5nwTVyIV9JUPekeVA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame B6C6 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=jKQRDKIgar3PdS5R9BM-mVDRxQVd8sczkv7IJDSggY1X4g7jr8KbdwBAI-yRGB7z0vmvaunfGSJyZVa1ApVs2_oVeb9T-TgCtz3iePhD4BgJnRHRJyyFAbg_SOUO5QOtPzOZmwj-hQT3nIImlcrYyE9BmB5igewcu1aOg4HRyWew8PMfcABUELLYw-0E1_XHH3Fz0qI9XCFZjvhsMFIOwNdIJXL9zpyS3b3uVVFDx0xEnc3ZmDXm27_NUNHMOQSzN67IhZcHLdYSxtRVMH1JWx095LZCyFZMd9JiDywDeFeqJRmNndh1wpkeE433iVxzSE2nqyKULKtrjRmJCcivlUMyDJOdB1GC-tUIukRfhkyLfXKYlcTUoIQMDLPqVmhEkJl32N0-6ufN7a6CP3xlqJrOkkpMP4TD7w1jnEoZvvYc0BPnuhlcDH2G_ngIb_M1LpyfKA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1741560
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C393 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6839e5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOsBT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIVMNvHhKMaRSxSkmrVMhOzc7eUUfTYhWnTR2rk1FdxOpfmw2bXv7IAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTcyMDc2MzI3MTUzMjM3NxgA&sigh=c0_KJp_pQWo&uach_m=[UACH]&cid=CAQSLQCNIrLMJ5ZwYIMmMSIzRJ0z33xM3-547BXkQIUu5WLJ8fmjfQjyGOdwOeplZRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame C393 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uub8EMz6RLAJyAGdg2ICAgAAAHyMDvRoz7H920PW8BB7mDNifxpdBeN9SUYK2vsAEg&wp=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
server-processing-duration-in-ticks
287839
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 924A 		178 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=5742076145&adk=1588915182&adf=2105686797&pi=t.ma~as.5742076145&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=276&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vo4CNxUBt4&p=https%3A//www.threatminer.org&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3be77b5d96e69629ec17a791decb1408cd9638d7f07b635b67d1bd009c4d4991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OTiQ6H8m309QXgpdpyzOVnOk8NhOsiFvbs2RqcKHAURWBLgOK-NV0UCtuTBtawl0X8oVI10Wn7Q_MtoZ3bTQaCZ4Y_yezWrvOWBSSv8uWMI2cbG-KouEh_qYcSbHRLhQNBRQSXxO7mJc3T5L3diFybIXiUU4DJaZGe1hWYdkPXTxYU4vkj1A82FVuFeHTrlOTbGDLIPhBWpQc7Tv9LoQV6Dz9tF6RpbhgYbJRvZfngNlbEJuHMn6cacso5JgH9caNJ0iig"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
137858634
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame 899E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVWXve5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE6wFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P995A8CwsHvNmUc1PINmQRR2wrJBD5d0OHxTPCYFPzMkLmKn7UVXElgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTcyMDc2MzI3MTUzMjM3NxgA&sigh=5-sQiPSsyLM&uach_m=[UACH]&cid=CAQSLQCNIrLMKmNMJ_LTUiaCVit5TfjS2lEknd5DUx30K3E3pOjoKljdKtsVi_nbfRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 899E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UqzDEsz6RLAJyAGdg2ICAgAAALwC7ql6cQU620PW8BB6mDNiIdZJZ_4hkNfgLSsAEg&wp=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
server-processing-duration-in-ticks
237308
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 21FC 		117 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=9669696950&adk=163335597&adf=2825014424&pi=t.ma~as.9669696950&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538972&bpp=1&bdt=432&idt=283&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jGmW2bJRP8&p=https%3A//www.threatminer.org&dtd=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e99d0a2e069744b51b3e8736ffe353b0fea9beb788db283272a8fae5a5eb6f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=10_9Y38m309QXgpd_OroTo6RUdxtpoPbj_33lyIWM4-gkSipwdWGRJIzWGWcapbBDK0GOeVEl922A2YMbMWGjpF-YFdBcEvzPYZvUSMmOWmGGb6xUZ4CCYUVrnRhQ_G9Xxe7HtfEWTFCVYIDKjdYy61nA0ULnGMvdCEL2FKpSC5d7MKsiDtrgxYT1Xe7j4OrvC3sHcz9IQb7sOG6mliXwzHDxtv-9fsk6Et4jpp5KVwT5PRlATsPkYC4wK69cYJ0MvT4Sg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
27983116
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame C318 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C318 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C318 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame C318 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame C318 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
BnPI34Or575bx5XRPNEnZ3Ka-bEL1ybW0_7f0Eb13m1e0k1bljQ2Fw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C318 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=OtTVY6Igar3PdS5R9BM-mVDRxQUrCb1k9KORil2je5eaEYkb7j83Pz2YgL2jgVApTeIUQ5I8B8xXINCGe3f_26PKiBrqB-gRF3LBrlDaGeFmGnp5sX2t9RV5p9E9O8YVeN5DnUwgCDxNuTBhcjtAGvCodvlf0IvH_w0DOerUnFzIInk1a4s0iNatMeqGUrjTR5XKG9fL8eVz3E4VqSNWqc2Hv3f4Fu8c1Gy40JtTmP4aLkisDbyb3x2n7537L9chKBtM2WOonex2BAE2E5kjqytAbx_Fpou5h9aqHghTL1MslzgzG5h76KQx8G6nHvf64cPDKcONUvHAQ7A5GaeUF9vs0D2pxG5eH5Yn5rp7VLRWjIJGXzoI1iNtW_CG6hquxCdct60YjT64eQ0_IqmrK9uT9C6xF2gDstb2ySQS1WSdDpEUEdeyqpG03Hfk7xBOUKrcuA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3061907
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame AD4C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AD4C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AD4C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame AD4C 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame AD4C 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
9Z022VXd9GwbGRTBNwr8wm3N-cyfTsTLwxW6jfuXhiL6qMvP7Jnasg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame AD4C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=WCBBD6Igar3PdS5R9BM-mVDRxQV4TByITBKzyPg72sQmJBNtOoSJ1m1lOpP4MBXZoH4EC6GBM6VDxJqMosVCIewJZ-CHEGfu6cY9yA8Mz9hB6l8rLpsXGD02pG9hN1oUoBe4_WLPd2I1FxOioUB8U5bEEwQU3Z-YXArYuiKhLnhcVDsHL-kJcJ4G7fobVviqga19z7aRaxwqc0tN5jAKN_tK0frSSlZ7ASCnK3jd2G9-ebfLRTjPmEbs-Ja1HDNg6jMqJUkDf7QhMo4vclE6Sah9IgV8QuJFAMvPGwC_m4mBogfcrAOozB8hbNPSDD3NstrbOtOYPG-FFgMBf8GFR_hbGj3tlLSmQuclqvSFQnYkWeKYhSEXNTF5_7Zda8jU3WHxNULTIY90eDsSAeHPPjnrirZISjzuhhnCjgeeMx6nwsIcrBEKI0lWTVAvk8c9MhK68Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3198137
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUaz5e5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOsBT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATOoRiAZP-lIMUKAHdiiB0sp_-KkGKj0mp7cPMlZEfZOEM0Eyv6bb4AGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU3MjA3NjMyNzE1MzIzNzcYAA&sigh=IysIr932t2w&uach_m=[UACH]&cid=CAQSLQCNIrLMUrZ9HIyqN1GUJ6ijQcqIKFgg3VVp4PDZW8i2Y6o70hTAiGbEljh8OxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 17 Mar 2022 20:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UqzDEsz6RLAJyAGdg2ICAgAAAOBwO_pwLLww20PW8BB7mDNieIOA0PNMk4RWkU0AEg&wp=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
server-processing-duration-in-ticks
211643
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2A90 		120 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=7757849485&adk=3516063199&adf=2426225322&pi=t.ma~as.7757849485&w=1200&fwrn=4&lmt=1647548539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647548538973&bpp=1&bdt=433&idt=336&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6082e33e6cecd8b1-22fb64ad5ecd0061%3AT%3D1647548539%3ART%3D1647548539%3AS%3DALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200%2C1200x200&correlator=4830888718068&frm=20&pv=1&ga_vid=738020247.1647548539&ga_sid=1647548539&ga_hid=243243041&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C21065724&oid=2&pvsid=2256862133455979&pem=633&tmod=1936325152&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=owFqdgFJV3&p=https%3A//www.threatminer.org&dtd=340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
829c250d2c4ed10fb79edd2d5f5012599c530f96b0f3a930b458e78b6723f413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lMIrt38m309QXgpdeM-hf3jPm-XQUZIk0KgzgCgpgJ3I26OG9zDqx5arnf59A-tjz3XF6_1-hcfcFWOGqtjwPDvm5xTFlc-q3YJfxs5J1GIBNdrkRygFa4NkVMHTTG7BOg0rA1eexulmm3h2V41XwsKIdzv4bvSX7gqJ1GMVoim2Fhau-CaSwgtk8T_28nARaJDpFJgvjYQlFu9MYRNP9f6ZaSYLL8wMb1PZdoOp17ZZzEIYtxI1Nxx2vFSKgYsEVJea9g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
22248907
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame 43D8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67acfffbed97ad10202f3984f746a848e97dea4989eb820845a98028797c052f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6051 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6051 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6051 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 6051 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6051 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
fNrCCRVqXU1Hp5kFrbV9gZcXm_peoimx1qlCVzn0vgH37XBcnAisqw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 6051 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=TM5amaIgar3PdS5R9BM-mVDRxQUykTvebAJNlXxSGvE1vS010ccsvSI1kNTkVbdsHJddG-Uga2RUgX7oMgVX5uZH6sL1j32vdlapE_eSOmEmZgNewwYVNPJLgPtwcb0SGvyZotBDhzwY3-E8b0kOy1vivrfZK-g2srKFPcie-hcZxqhEdwQTGBICYm7Q45VBwDqzzTwhqp6tKGJK8mTizBsboQ8X4Os-KSYPD5g0TPRqMwgXSSiXwQiEl7RICLZfbbIzwpObdROlLqLESnKMP3CyTd23W7E8CVxGuAOZonW_kc9VMXbwElIaxEzbqlpBoj55pEdyZcuEqJIlmu2ABfUpEZekKmw4D5ux9BlFqr7FFKRhy6MtVdcCOWgDazY6zh_ifokEW5XOa-f15XAB5_jKokA3ekJ4kilTdtZadbvENvrBoo4HHC1Ax3VzOOyHlfetJQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3011166
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
tb
15.taboola.com/ Frame A1CC 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.threatminer.org%2F&cirf=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&encoded=1&uid=91430338-dd96-4fff-91eb-ac4a94df2317-tuct92d1dfb&variant=-100|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1647548540112&tagid=&cntry=DE&platform=1&sesid=afcba10d0059f03f021824d78393d6e8&itemid=/domain.php&viewid=1647548539558&geolat=&geoing=&deviceifa=&appid=&sd=v2_afcba10d0059f03f021824d78393d6e8_91430338-dd96-4fff-91eb-ac4a94df2317-tuct92d1dfb_1647548539_1647548539_CIi3jgYQktQ_GKbFrsz5LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=18f4cd16504e99f5de8a8c91632758ae&appname=&cdb=&gdprApplies=true&rid=&sii=-1507660391031960164&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2c1fd2de38fb5018ebbfa1f6c786934eb02163a880aa99175757dfb43a23400

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.threatminer.org
machineid
1451
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4081-HHN
pragma
no-cache
server
nginx
x-timer
S1647548540.116765,VS0,VE11
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220317-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A1CC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220317-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abd88df9325b4176f0f9a715dc327522eec4b7f6d10b586fb95c08f3a36aa514

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
2nFTDPZhObhyoS8gUTiEs.nsWD74hgzD
content-encoding
gzip
etag
"62374a778a3dd9f06782c90aa01a57dc"
age
49
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Lbgx/2eVCyLjfusIiezkk1v+zWw45Xt/u6GacgR/CBSxb1LaG+7gRtAVIYmoOWZ853iHAmBT1rA=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 11:47:24 GMT
server
AmazonS3
x-timer
S1647548540.116841,VS0,VE0
date
Thu, 17 Mar 2022 20:22:20 GMT
vary
Accept-Encoding
x-amz-request-id
TQ7QXXWJ2M6QH0AW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
25
x-cache-hits
26403
animejs.js
static.criteo.net/animejs/ Frame 8F5A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=594&s=x3NeXAkvXYD2FSNYDOZETeAu
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29522911
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
25396
expires
Wed, 22 Feb 2023 13:10:51 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001819
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561902
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=400&s=OMxEI_EPnsWhT0o5hg80Ua7h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2324
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoMALA-Verschluss-Systeme-GmbH-252400DE-2010220922.gif%3Feb%3D1&v=3&w=400&s=deZW_ToD1aI2MXYWPh1eOmpg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5d7db98c88c66d2c68c789724917b40abb8abd726eadc43fdc2ecb484b4c3d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1155095
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3340
expires
Thu, 31 Mar 2022 05:13:55 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoB-S-GmbH-Logistik-und-Dienstleistungen-102868DE-2005221026.gif%3Feb%3D1&v=3&w=400&s=x8LJwOgK24se6SXZtiiubrAc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2208260
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7262
expires
Tue, 12 Apr 2022 09:46:40 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVattenfall-112537DE.gif%3Feb%3D1&v=3&w=400&s=F0KDiUniEotPewQ9Pbzf_Wr7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fd5a9373ac8af62cd4e0cf06713c0f002c074f5c92c1f5198262e710b3cf051c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2566156
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1108
expires
Sat, 16 Apr 2022 13:11:37 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoRhenus-High-Tech-GmbH-235305DE-1910011802.gif%3Feb%3D1&v=3&w=400&s=evpZoeOJR2oEv325ByhAP2ea&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7a3356bbfa6bcd2ce4d0d21542f2cc2a7ff5a7fb2624ed8fd9982479d9db1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2174615
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2192
expires
Tue, 12 Apr 2022 00:25:55 GMT
img
pix.eu.criteo.net/img/ Frame 8F5A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMentz-GmbH-5081DE.gif%3Feb%3D1&v=3&w=400&s=fyhRrpwKVWPakqLBQR0HYTwT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e5f0023ff8c856e2b49c920083d43fc49ed56de5501a4bc5a2b86afbd1cde55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=662091
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1404
expires
Fri, 25 Mar 2022 12:17:12 GMT
all
csm.eu.criteo.net/ Frame 8F5A 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ObuEU38m309QXgpd341nvFJRlpkAZ0WQxR_jhhrjxrJB33RG4HlScd2cpL2B4G8uQPlsQmxXHjAZbthL7iBDtpegP0oidvSezChsAbiaSSQevJK-rON4nCAHJbu3LDGblkw6Ayk0q2xy47iIrX0ERxhZ2AubtVkITHqSY0uM7eotVcOd5052qXw4Ji1wVELedhkZy7W_SztOIbsHV2XNh4KBqNofi2b77fXN3pmN54xQyeg3PXjSsdsUD1TgeNvo3Rg5TQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 21FC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 21FC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 21FC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 21FC 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 21FC 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=0qpN09_jarZdncOBluTGW7awbY2K4YVZQsxjQyMsdsOi8vGROPun8po7WeJhznr_vGh_80ctlDpUMeV_ZTaZjtwqTuqmG8zy6XY8d5kw0TLODaZrWPnteU-m9UFJmXk-cYT6Z2fAY-J1crTzguwXrTJLKPsJDLabKAa0M7JdxwKfjYK1THpGKcrHW2ARdBor_1udzJtloV0RJTnywlPohgtrY92jHG9kcXxZpI3sAwJXQOksStB2diet3F-2wb3oexk4JPRufiajr6XYkOifmynj7W4azvw0ztBI_aQmnN-f23bUpDsOEQaFxnBdlYU2KLeDJtkZqwUVY41nbyn_YuY96elLGLRh549QExTbpXCLzxdmXuRYaKxRAk32tcZCPYI8kqLlXNaWuWD4R7XTYkOtKS0UC1XJgptXpGKMqkeqICrCuvkJOZi6Iak0RQ11C1zpPg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1811687
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2A90 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2A90 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2A90 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 2A90 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 2A90 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=oF4Xjt_jarZdncOBluTGW7awbY2_XQU5fNuXd12gfnxcF1VJ91w9DiwbOqtyNYdolbaMgYFbbKc23T7riYBavKEDtaGzqseINOddcUrOBSeIGkvZ3vAUYcz1DpqWelfzT8x0KQUMs9hoyDnBOV37QusyJuq4mYd0C2lx3dBNiJvLJM_3yD5WPwz8L0WmFx2Xb0xO6swLZ6-KsjjQYc8khmPSKreQQ2YDDZ1tWF-nXsyVemUAGPkl2ez5MDZ-QTmhNYg7_wi8ZUciCQIJapidQA_cKY20RnXa1UDGn3S5PY2DpTcE2GbGBG9tJUofv35hVxl1U-mYjJK904Hw4fjchijGcUY1PaCyM5dDOrtMO6u9P51DDND9ErjvtxZjmMJooN0SQ6P1hBGbyw_jvjXB4ormWS9U_Ri15CqzTP3xNuhTrWVCMafnGeDrn38Yv8d2AcOkFw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3029616
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame C393 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c41ab562019affd9695b46d5d578f89084f57a52d49b1dc615eaee4c712334d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 899E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ebd9aa9494786b937d613ea1275db6a3037711ffd26df6ce7bc4d310d2e5cf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
cta-component.20220317-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 7E0E 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220317-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d4162059d6cd7b0466a9ce82a9291edf80f6b6f917b3c16d609189642d0f577

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
_IsTW05_QuAleY9UoFKna1KZEGRPyPgn
content-encoding
gzip
etag
"47d73a153babedf60d5af4950c70e3b8"
age
117
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4969
x-amz-id-2
34zA6O11J59Vxy9w/yL3O1XVUJfgsfNp+QjKITy/U0ls2F5w4uTZ5JKwpYIEn6SGOn5lf0ZBDmY=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 11:48:16 GMT
server
AmazonS3
x-timer
S1647548540.275768,VS0,VE0
date
Thu, 17 Mar 2022 20:22:20 GMT
vary
Accept-Encoding
x-amz-request-id
SR67B5JJCJJDV1PR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
25
x-cache-hits
65
tb
15.taboola.com/ Frame 7E0E 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.threatminer.org%2F&cirf=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&encoded=1&uid=905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb&variant=-100|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1647548540275&tagid=&cntry=DE&platform=1&sesid=ed560b05dd286eef1b7a377ea5f88a7e&itemid=/domain.php&viewid=1647548539558&geolat=&geoing=&deviceifa=&appid=&sd=v2_ed560b05dd286eef1b7a377ea5f88a7e_905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb_1647548539_1647548539_CIi3jgYQktQ_GKbFrsz5LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=4dc5924e6a7fedbfb8476e42d8e59a01&appname=&cdb=&gdprApplies=true&rid=&sii=-1507660391031960164&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2b59df9ea81774e47b6c3a10cda87bdd6a84236056dc674a68149f6bcb945c4

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.threatminer.org
machineid
1414
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4081-HHN
pragma
no-cache
server
nginx
x-timer
S1647548540.279497,VS0,VE12
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220317-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 7E0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220317-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abd88df9325b4176f0f9a715dc327522eec4b7f6d10b586fb95c08f3a36aa514

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
2nFTDPZhObhyoS8gUTiEs.nsWD74hgzD
content-encoding
gzip
etag
"62374a778a3dd9f06782c90aa01a57dc"
age
49
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Lbgx/2eVCyLjfusIiezkk1v+zWw45Xt/u6GacgR/CBSxb1LaG+7gRtAVIYmoOWZ853iHAmBT1rA=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 11:47:24 GMT
server
AmazonS3
x-timer
S1647548540.279533,VS0,VE0
date
Thu, 17 Mar 2022 20:22:20 GMT
vary
Accept-Encoding
x-amz-request-id
TQ7QXXWJ2M6QH0AW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
25
x-cache-hits
26404
fix-user-id
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 7E0E 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/fix-user-id?lti=deflated&ri=4dc5924e6a7fedbfb8476e42d8e59a01&sd=v2_ed560b05dd286eef1b7a377ea5f88a7e_905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb_1647548539_1647548539_CIi3jgYQktQ_GKbFrsz5LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb&pi=/domain.php&wi=-1507660391031960164&pt=text&vi=1647548539558&time=1647548540266&fromUser=91430338-dd96-4fff-91eb-ac4a94df2317-tuct92d1dfb&toUser=905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb&fromSD=v2_afcba10d0059f03f021824d78393d6e8_91430338-dd96-4fff-91eb-ac4a94df2317-tuct92d1dfb_1647548539_1647548539_CIi3jgYQktQ_GKbFrsz5LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&toSD=v2_ed560b05dd286eef1b7a377ea5f88a7e_905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb_1647548539_1647548539_CIi3jgYQktQ_GKbFrsz5LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&tim=20%3A22%3A20.266&id=853&llvl=2&cv=20220317-4-RELEASE&
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1647548540.279933,VS0,VE9
x-served-by
cache-hhn4081-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
415b2ac65c7d1b6df1383922a2275fda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/415b2ac65c7d1b6df1383922a2275fda.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e68f00a9da4c1a595c5a1ae865ef53156d34239deabf20ec018734bcbbc637e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
4414038
edge-cache-tag
335680939579248661493744367728157286530,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
335680939579248661493744367728157286530,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
expiration
expiry-date="Sun, 30 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/415b2ac65c7d1b6df1383922a2275fda.jpg
content-length
5998
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 30 Dec 2021 16:45:01 GMT
server
nginx
x-timer
S1647548540.285641,VS0,VE0
etag
"9057779dd8dc0e59d29037801b8562e9"
x-served-by
cache-bwi5027-BWI, cache-iad-kjyo7100152-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
5f1d5ba45d16d21b3027a8ac607144eb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f1d5ba45d16d21b3027a8ac607144eb.jpeg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22841fbfbd90b3664e6a10924d684e69f3abc6567acac5fac9d83e89b1ff65ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
2460769
edge-cache-tag
385489854243790316348739416577429000953,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
385489854243790316348739416577429000953,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
36
expiration
expiry-date="Fri, 18 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f1d5ba45d16d21b3027a8ac607144eb.jpeg
content-length
8254
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 15 Feb 2022 11:09:32 GMT
server
nginx
x-timer
S1647548540.285537,VS0,VE0
etag
"d4120c9e94bd67839f3ecf49b68a61f5"
x-served-by
cache-bwi5071-BWI, cache-iad-kcgs7200028-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 8607
357ddf017e7a016913d2a99816a96520.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/357ddf017e7a016913d2a99816a96520.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb35c990687adce309473f322847f1ed00df5d747b878d1c1fb17ed08bb4c6d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1425440
edge-cache-tag
331637262338431415085098021364481681079,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
331637262338431415085098021364481681079,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
36
expiration
expiry-date="Thu, 03 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/357ddf017e7a016913d2a99816a96520.png
content-length
9512
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 31 Jan 2022 10:51:26 GMT
server
nginx
x-timer
S1647548540.287617,VS0,VE0
etag
"87446e6c385ef4aea9b830a03e955e15"
x-served-by
cache-wdc5565-WDC, cache-iad-kjyo7100074-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
edf611c43d4542531888c3d1a31ba942.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edf611c43d4542531888c3d1a31ba942.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1cb0391a7350246e78b832768ac97c5c45b7375a8d6d03f9f72c90ce3e6b45c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
2488710
edge-cache-tag
567986803542660119462745307891726157490,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
567986803542660119462745307891726157490,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
87
expiration
expiry-date="Thu, 17 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edf611c43d4542531888c3d1a31ba942.png
content-length
6034
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 17 Jan 2022 15:46:45 GMT
server
nginx
x-timer
S1647548540.287696,VS0,VE0
etag
"ed89d241173a4a1d86b4291b6c538a0d"
x-served-by
cache-bwi5071-BWI, cache-iad-kiad7000140-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
943de76840269fb52eeedcfbda616580.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
219bae97d4f16ea48ffb78a363182c5ea2a3937488b03fb74a89b60d0e80aa50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1476723
edge-cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
33
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
content-length
7644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 28 Feb 2022 13:54:45 GMT
server
nginx
x-timer
S1647548540.287843,VS0,VE0
etag
"09f58cd643a292308391d9f63dd89239"
x-served-by
cache-bwi5079-BWI, cache-iad-kjyo7100169-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
tbp
15.taboola.com/ Frame A1CC 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
546e1c2bff422ccefe6c8fb39cedd6a279dd8790a0a01343492e93ece15c695e

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.threatminer.org
machineid
1444
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4081-HHN
pragma
no-cache
server
nginx
x-timer
S1647548540.288472,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
5caf2e65bec1862417560f766e3017ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69d3945a8d076a254a46eacaee06ae6cf7db0306c8727fd7c451f23c3a2b26ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
3164341
edge-cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
112
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
content-length
29726
x-request-id
959079ffd786581231ed20a2ea40f354
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 22 Jan 2022 00:27:45 GMT
server
nginx
x-timer
S1647548540.288824,VS0,VE1
etag
"0a4c867f6f6dfd844a117a9a44931b11"
x-served-by
cache-wdc5570-WDC, cache-iad-kcgs7200035-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
195cb737df8de9f19504199374e47f60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d98cbae27516de590fffa26b6d3c6a4cda56092313c4e00848b34759ed5a9a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1591728
edge-cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
648
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
content-length
7962
x-request-id
c1a86cbaea092c3eb177a73aaf6ca88f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 20 Feb 2022 09:22:38 GMT
server
nginx
x-timer
S1647548540.305880,VS0,VE0
etag
"2f5ba94376aef424c891a505b2c06be1"
x-served-by
cache-wdc5525-WDC, cache-iad-kiad7000048-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
truncated
/ Frame 2826 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27078706c3d7dce41daba975d93a3956ebe09ce8035eed3c3ea0c3d83844b91d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/ Frame A1CC 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront), 1.1 varnish
age
73323
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
23743
x-served-by
cache-hhn4081-HHN
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1647548540.303469,VS0,VE0
etag
"b683c290896a82c974838a04b4ea4aff"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WiS0fh_cXILKTu8bUdrsdhq5IsQD6YXsCWXO_RK6jQQzsgdiU8eYFQ==
x-cache-hits
9
animejs.js
static.criteo.net/animejs/ Frame 9189 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001819
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561902
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoB-S-GmbH-Logistik-und-Dienstleistungen-102868DE-2005221026.gif%3Feb%3D1&v=3&w=400&s=x8LJwOgK24se6SXZtiiubrAc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2208260
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7262
expires
Tue, 12 Apr 2022 09:46:40 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=VeFegqT8bXFJP1TUO2R8q-fm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29522911
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 22 Feb 2023 13:10:51 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoFALKENSERVICE-SECURITY-e-K-290081DE-2202081350.gif%3Feb%3D1&v=3&w=400&s=zChjUjeY6x2C7EIMaxgtIWnA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2071633
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5186
expires
Sun, 10 Apr 2022 19:49:33 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		400 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=148194
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
400
expires
Sat, 19 Mar 2022 13:32:14 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2Flogotesa-SE-73709DE.gif%3Feb%3D1&v=3&w=400&s=x_XrGTJUeLDq-9DOX_IUad__&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1982
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoSiegfried-Dorr-Handelsagentur-GmbH-253805DE-2203101538.gif%3Feb%3D1&v=3&w=400&s=ALBu3i2RM10dyO1UlAhhkTwt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f9adb85568e820d965276429e8f778f6ba223fd160884be9ffd19929f112fee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2027867
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4754
expires
Sun, 10 Apr 2022 07:40:08 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoCapgemini-Invent-22500DE-2108181202.gif%3Feb%3D1&v=3&w=400&s=PFekcj3JZYAeSQ7huNKuc3SC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2195473
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
expires
Tue, 12 Apr 2022 06:13:33 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEnergiequelle-GmbH-68961DE.gif%3Feb%3D1&v=3&w=400&s=De3iQUblG-UpuaDmzQhrdtLw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e8674372b3d629c4eb40e69746fad5cf5c7f60b258ba101b7bc29c1a95f8bdc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2374241
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1086
expires
Thu, 14 Apr 2022 07:53:02 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=959
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Thu, 17 Mar 2022 20:38:19 GMT
img
pix.eu.criteo.net/img/ Frame 9189 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2469988
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1100
expires
Fri, 15 Apr 2022 10:28:48 GMT
all
csm.eu.criteo.net/ Frame 9189 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zcw2VX8m309QXgpdxHUVKBKNIX29yjnmn3ICS-ynHmDAk0eAcxQfE1C-8PkGGXe8SzWfFiKXlbRZXiw5cMYUmEkYmVhoBFa10m7ymhnulYB_Z2QhBsMQg1raMWo_wkXM29aIM3hAec7Kl-Mk3KOseUHIyzCL9Jh2X7VaiBf9oYUGtMIG3aGN7B7yHIhuWhoJ5d44qMywo3R9WFdqUY0oKu1QdZeWjeSsbmB0miHt0_rRnEtrNaER9otUQ_ASpTdCSLRrzw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:19 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9189 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9189 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEJikKGU0QAA1KMgeVI_KPrKQZ1NQn4w&u=%7C53p4L%2Bu0rWOJoLpU%2BYTZ3OIFKjwUiOExSZYxUBAXJLU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ55jg2GioG1UNIFjG3inPavEoiWtYxQZz4Q9ofnHFKvp5tmIESiIMle3GPQat4DvzKiGgSbpZQzY_VRmW7eFbQbk6uNFEX7tavK404LuC1MEbFzzxWiIdyMYWgl4IJHj9qVfeN4ULFZsawAyyEjjer6PZIIlohMVDJIOomiLDjCOB2C29gV8xH0bdTeTBQ_SlzbhD4IPwoA8dCr7EAeCe0r5KkDw-5ylp0FoJMP06ZAhynKAMjcoTMVdC_TYLER7fvi17Xy-sj9Ak7jO2y3ci7d-gYL4mSezWZToHG7YLMGFnCW9m7dLdCGo_G-3VX9TRTXgWHprRvSIrWjM1KL9CcpX1uUAvMYI-MvGZ3uE_CRT6aU2Fj2eoy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4dMze5gzYqnMEJCaZbKUtZgOyZ7SsVzFjIvgmgHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTcyMDc2MzI3MTUzMjM3N6AB1bbS6gPIAQmpAu2N_Nuno7I-qAMBqgTvAU_QD05-yofHDk-7d6zWfLG2OkCnHbn3iblKBIERoA6sywWd2u0EyzIbSghwU8tck5pJlQjKvxMgrnlFYsj0smOe2IYdQHcZxLDVChWPbhtgVeJsWqkbF1b6YcYqozTdEMLjizmIkc2yP5-MglVcHQV0Y2n5QBVsF_jqmDJzK_vDTI9VctwvT7KKB5KmDMRAVgg6kN0Zjvx0m4uo3sBZUks11M35ZsyQjtjPSucrw3-ppeRqZK9AHD4gbWmTr45eD5G5pe8WMeEzFCLZ45A7kV7wK7GZe02gUxsXxJmcz-NxoIPY6NS5WxI0FDmFiKyXgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dj-o0CYlVfpKDd88i_kIC78yxvQ%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
animejs.js
static.criteo.net/animejs/ Frame B6C6 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001819
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoFALKENSERVICE-SECURITY-e-K-290081DE-2202081350.gif%3Feb%3D1&v=3&w=400&s=zChjUjeY6x2C7EIMaxgtIWnA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2071633
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5186
expires
Sun, 10 Apr 2022 19:49:33 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoCapgemini-Invent-22500DE-2108181202.gif%3Feb%3D1&v=3&w=400&s=PFekcj3JZYAeSQ7huNKuc3SC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2195473
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
expires
Tue, 12 Apr 2022 06:13:33 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEnergiequelle-GmbH-68961DE.gif%3Feb%3D1&v=3&w=400&s=De3iQUblG-UpuaDmzQhrdtLw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e8674372b3d629c4eb40e69746fad5cf5c7f60b258ba101b7bc29c1a95f8bdc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2374241
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1086
expires
Thu, 14 Apr 2022 07:53:02 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMentz-GmbH-5081DE.gif%3Feb%3D1&v=3&w=400&s=fyhRrpwKVWPakqLBQR0HYTwT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e5f0023ff8c856e2b49c920083d43fc49ed56de5501a4bc5a2b86afbd1cde55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=662091
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1404
expires
Fri, 25 Mar 2022 12:17:12 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=400&s=OMxEI_EPnsWhT0o5hg80Ua7h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2324
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoB-S-GmbH-Logistik-und-Dienstleistungen-102868DE-2005221026.gif%3Feb%3D1&v=3&w=400&s=x8LJwOgK24se6SXZtiiubrAc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2208260
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7262
expires
Tue, 12 Apr 2022 09:46:40 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=594&s=ycJ8ub5V80MX6v5QX8ija4PL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28989767
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19171
expires
Thu, 16 Feb 2023 09:05:07 GMT
img
pix.eu.criteo.net/img/ Frame B6C6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=400&s=TW6-M6NoE1cuB36irgUkZ_Qy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=160
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2446
expires
Thu, 17 Mar 2022 20:25:00 GMT
all
csm.eu.criteo.net/ Frame B6C6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zxYkBH8m309QXgpd0RRaYyae52bcYI7fovUwOgbiwloIx9nmthzS7p-tHXev5NHOPxPxaknuaH5ZQmnMvi509Bt3S83ACzcUf_UYwL-zhMd0J_J19UtjpJm6hZJXM_3wfE3LfP4ZlN0RNyzCdQyIKqa6FSkDC3Wbwr-PLs4yjwCK7StS6mSSJ5HCq3HPYUBW6NbzD_GUY6qe1yvJVCLec7bWSKbXXi2kJfte7buQPtdDqgdgYXGhZOPdmhbj7roi5YSfvg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B6C6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B6C6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewADXXICHkxrAAFRu8OjsMStkraaigP-oQ&u=%7C53p4L%2Bu0rWNeNOTdpoEapHDst9Y9WVczfBlGGQUdgZ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XQ0-yw8NmxFGL_UnDcLO3UySnFSdUVgWANakzpgPUeta3Dy4CP1u-c5o_1uKljUG0hjirO8NdI8MKYmcR_tFnZMBgXQ5J6xrYRc-Nh8OndtdIaAP3DROvFmevssvQpM-kxCADcFkDLubQ5lIDrHphA96olCiXTOsBq8li2-BfvmHn7XLC3Z90ohVsxlji-n3iStS96-ixn4EWVByjTy4UkJUXAtfk3GchJVdYU5YevWUB66KK1WI4MpFbfIPtPm-AnlcbXCgDkvcHJT0MPOFVoBmL1dNxnLk_pOoOp77MdIFr0H_1tt3QZQyA_gZrTAe7KxkjfGnO-iIHjvnuEzAqN1AJhoOTvcmxs4vQKO78q1sY0ks8v0H8hWqCdgS9wcon7rzwF4pjvhE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC52Aqe5gzYvK6DeuY-cAPu6OFkA7JntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOcBT9DmDDtdxphOqGelRqfklzHYnrdlFYz7cDJHMcR1cVRXdq4Z5jzGumiiPkdj3GuvdHgAly6HDGZikrmNWY8KqPraawYy8jjc7PhC4QYIS3NF5FIcl4vPqHbFE-FixzfkVABpsjkwYZks549UYbAEZt4GNsV1okfOdh_4Rgx8MKu_WQrD1a-0sGRXRU30VtAG42IV0pY7v7pGvngvY4hbhesJow617OuAQavW2O1820POkluQmMoq4XP4jjrwuyH2p5fZSNR_9j8CE4PbkoWEhXCg7x-T7ShXS30_YFhs3Qy1HrIKg9-LgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ydKr-MGoAOCm_-VOZZ9EEyw7w4A%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
animejs.js
static.criteo.net/animejs/ Frame C318 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame C318 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=VeFegqT8bXFJP1TUO2R8q-fm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29522911
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 22 Feb 2023 13:10:51 GMT
img
pix.eu.criteo.net/img/ Frame C318 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2Flogotesa-SE-73709DE.gif%3Feb%3D1&v=3&w=400&s=x_XrGTJUeLDq-9DOX_IUad__&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1982
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame C318 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001818
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame C318 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMentz-GmbH-5081DE.gif%3Feb%3D1&v=3&w=400&s=fyhRrpwKVWPakqLBQR0HYTwT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e5f0023ff8c856e2b49c920083d43fc49ed56de5501a4bc5a2b86afbd1cde55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=662091
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1404
expires
Fri, 25 Mar 2022 12:17:12 GMT
img
pix.eu.criteo.net/img/ Frame C318 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoFALKENSERVICE-SECURITY-e-K-290081DE-2202081350.gif%3Feb%3D1&v=3&w=400&s=zChjUjeY6x2C7EIMaxgtIWnA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2071633
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5186
expires
Sun, 10 Apr 2022 19:49:33 GMT
img
pix.eu.criteo.net/img/ Frame C318 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame C318 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=400&s=OMxEI_EPnsWhT0o5hg80Ua7h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2324
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame C318 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=958
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Thu, 17 Mar 2022 20:38:19 GMT
img
pix.eu.criteo.net/img/ Frame C318 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=400&s=TW6-M6NoE1cuB36irgUkZ_Qy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=160
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2446
expires
Thu, 17 Mar 2022 20:25:00 GMT
img
pix.eu.criteo.net/img/ Frame C318 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame C318 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEnergiequelle-GmbH-68961DE.gif%3Feb%3D1&v=3&w=400&s=De3iQUblG-UpuaDmzQhrdtLw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e8674372b3d629c4eb40e69746fad5cf5c7f60b258ba101b7bc29c1a95f8bdc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2374241
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1086
expires
Thu, 14 Apr 2022 07:53:02 GMT
img
pix.eu.criteo.net/img/ Frame C318 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoRhenus-High-Tech-GmbH-235305DE-1910011802.gif%3Feb%3D1&v=3&w=400&s=evpZoeOJR2oEv325ByhAP2ea&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7a3356bbfa6bcd2ce4d0d21542f2cc2a7ff5a7fb2624ed8fd9982479d9db1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2174615
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2192
expires
Tue, 12 Apr 2022 00:25:55 GMT
all
csm.eu.criteo.net/ Frame C318 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MDOf038m309QXgpdyS3GAEgsl-WdJt36C2y0xnxDDG8GFwTQuIkcdB_qz1MYqpcnsJ-FgdAt7pIHGwJqYF1gjZZdJReZyyC-c4vJugZD818WLenON_MnqXJz9AV7RIKNSkFZ_aDNwIgvNcRy-zRzO9VBpx6xI3ub6vtINQdKvHIDuec8wUQxXctbZ1iGVqRDSSsF5bs-dU1P-WysIvVyAQhJoqV3Y9rXdHoG3DIvtiUbKe98vGHF6N7IC3g3DbGMALka_g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C318 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C318 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
j5FK-xqV
pbs.twimg.com/card_img/1503869678833311745/ Frame 6DB9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503869678833311745/j5FK-xqV?format=png&name=800x419
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEA) /
Resource Hash
f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
162308
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
24299
x-response-time
248
surrogate-key
card_img card_img/bucket/2 card_img/1503869678833311745
last-modified
Tue, 15 Mar 2022 23:02:06 GMT
server
ECS (mil/6CEA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9800fad6bb6344ffe5b35eea87f64a1006f082d5094aa3c6c6b344c448253180
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
d_Ec54wO
pbs.twimg.com/card_img/1499742163705360384/ Frame 6DB9 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1499742163705360384/d_Ec54wO?format=png&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
310918
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
22774
x-response-time
238
surrogate-key
card_img card_img/bucket/2 card_img/1499742163705360384
last-modified
Fri, 04 Mar 2022 13:40:50 GMT
server
ECS (mil/6CE6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8f1862f7f570ee9410e6040ec6009081b649a2afcff22d1110829c31dc2500bd
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
HQWxE4e6
pbs.twimg.com/card_img/1503706247786287107/ Frame 6DB9 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503706247786287107/HQWxE4e6?format=png&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
201297
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
27527
x-response-time
274
surrogate-key
card_img card_img/bucket/7 card_img/1503706247786287107
last-modified
Tue, 15 Mar 2022 12:12:41 GMT
server
ECS (mil/6CE8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bc2bc074372225456c94d66f4b2e47e5db0b78eb7dd98935f705ad90d34f991f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
gXNXeni9
pbs.twimg.com/card_img/1504217905516318724/ Frame 6DB9 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1504217905516318724/gXNXeni9?format=jpg&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF0) /
Resource Hash
7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
78877
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
46803
x-response-time
262
surrogate-key
card_img card_img/bucket/5 card_img/1504217905516318724
last-modified
Wed, 16 Mar 2022 22:05:50 GMT
server
ECS (mil/6CF0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
42819c73ee507d1d88ac8da4ee93694fe498c5e2dfe41806aba36dda53eea4a3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f448.png
abs.twimg.com/emoji/v2/72x72/ Frame 6DB9 		422 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f448.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAF) /
Resource Hash
4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
19656352
x-ton-expected-size
422
x-cache
HIT
content-length
422
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:34 GMT
server
ECAcc (mil/6BAF)
etag
"D3w7G3cLTZqaQU3X/K27SA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
83b3b78cc1ee574c20cda106fac3e6e861c7431fb6281763a45ffdaec6140aa6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 20:22:20 GMT
rizT9sQe
pbs.twimg.com/card_img/1503738367548211201/ Frame 6DB9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503738367548211201/rizT9sQe?format=jpg&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF4) /
Resource Hash
268dfb1131e147b12fe728c27f9e8186fa739a25a9ab7d70946d9e8d1d5b597a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
193814
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
21586
x-response-time
265
surrogate-key
card_img card_img/bucket/5 card_img/1503738367548211201
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
ECS (mil/6CF4)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
cd9ea3246dbd77fdc928a145b801d8d641be4b0bd6401e017e21ca9ea259e453
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
mbx8mGDx
pbs.twimg.com/card_img/1504263718779170823/ Frame 6DB9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1504263718779170823/mbx8mGDx?format=jpg&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEC) /
Resource Hash
edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
67512
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
26818
x-response-time
245
surrogate-key
card_img card_img/bucket/3 card_img/1504263718779170823
last-modified
Thu, 17 Mar 2022 01:07:53 GMT
server
ECS (mil/6CEC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f1d5cf86a4ac3062e7b4242386206f97bab10c239e623172000bb2d536db5263
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f602.png
abs.twimg.com/emoji/v2/72x72/ Frame 6DB9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f602.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6F) /
Resource Hash
c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
25357345
x-ton-expected-size
1095
x-cache
HIT
content-length
1095
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:28 GMT
server
ECAcc (mil/6C6F)
etag
"CskKXLmjEnqr5kggS5rnnQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
7d2b3c02adf5ed28c9fb615762d414a7498ca74999e534a751eab550f53a1c59
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 20:22:20 GMT
1f918.png
abs.twimg.com/emoji/v2/72x72/ Frame 6DB9 		603 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f918.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8A) /
Resource Hash
13da23e323658067823edcbc9f6033522a57cbe4325eb72470ab93f6c77f5c38
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
24839219
x-ton-expected-size
603
x-cache
HIT
content-length
603
surrogate-key
twitter-assets
last-modified
Fri, 18 Jan 2019 20:57:56 GMT
server
ECAcc (mil/6C8A)
etag
"SabOq57Qub/blwNeQOJr5w=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
d386fa95aae0129ebb5b0d8a4a6fa226689308f114cec040b1dd6bb3532cc078
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 20:22:20 GMT
1f33b.png
abs.twimg.com/emoji/v2/72x72/ Frame 6DB9 		835 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f33b.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C43) /
Resource Hash
cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
3092320
x-ton-expected-size
835
x-cache
HIT
content-length
835
x-response-time
9
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:29 GMT
server
ECAcc (mil/6C43)
etag
"PMtdmpls9tAhrdseUWTMCw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
4d648480cb91b97ef8891077d253930fa060230dbd69ba6f92150bc3c2aac73c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 20:22:20 GMT
vO8hHfAO
pbs.twimg.com/card_img/1503605537594052610/ Frame 6DB9 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503605537594052610/vO8hHfAO?format=jpg&name=600x314
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
225320
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
24904
x-response-time
293
surrogate-key
card_img card_img/bucket/3 card_img/1503605537594052610
last-modified
Tue, 15 Mar 2022 05:32:30 GMT
server
ECS (mil/6CEB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4bbfef27e81e9df0ac7c18fd715fa356ee2809b47eb7834b498da1442f4fa1a2
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
animejs.js
static.criteo.net/animejs/ Frame 21FC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
animejs.js
static.criteo.net/animejs/ Frame AD4C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoCapgemini-Invent-22500DE-2108181202.gif%3Feb%3D1&v=3&w=400&s=PFekcj3JZYAeSQ7huNKuc3SC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2195473
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
expires
Tue, 12 Apr 2022 06:13:33 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMentz-GmbH-5081DE.gif%3Feb%3D1&v=3&w=400&s=fyhRrpwKVWPakqLBQR0HYTwT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e5f0023ff8c856e2b49c920083d43fc49ed56de5501a4bc5a2b86afbd1cde55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=662091
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1404
expires
Fri, 25 Mar 2022 12:17:12 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001818
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2469987
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1100
expires
Fri, 15 Apr 2022 10:28:48 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=400&s=OMxEI_EPnsWhT0o5hg80Ua7h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2324
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoFALKENSERVICE-SECURITY-e-K-290081DE-2202081350.gif%3Feb%3D1&v=3&w=400&s=zChjUjeY6x2C7EIMaxgtIWnA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2071633
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5186
expires
Sun, 10 Apr 2022 19:49:33 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=Xzn5qn-PjNhsYf6Tg2wBNgno
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28989766
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Thu, 16 Feb 2023 09:05:07 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoM-M-Software-GmbH-24210DE.gif%3Feb%3D1&v=3&w=400&s=Cv52b1v7srz8f7s6InZOWBw5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2f27f0a2ebcd6e8cb2b682750bcf5d073b033dbcecbca0b8431176609d889da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3214
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame AD4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoStadtwerke-Wertheim-GmbH-211714DE.gif%3Feb%3D1&v=3&w=400&s=lSL21Vu45OLGIwMg9Z3zZgyY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e6f01f39a18148c0becb659547ac85f12fa2421747cc6ce0deee265a68886b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2389223
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2590
expires
Thu, 14 Apr 2022 12:02:44 GMT
all
csm.eu.criteo.net/ Frame AD4C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZTyM_n8m309QXgpddEDXZKTgYTVxGHGCFo58u56IZbrv1cMTdDWtVwv5TEH_7x_OHPBzv0uMkQ7v5koF8NSlcgkZKgVBIB76vrS00E_GVsLwlJWfXsYhKctAM1g1NnJwvMn41ESC5uzvIAm__xCk5Uywm-I_HDUtLBOLjo1VOWt07QaTEGVWgjpR9l-fW8hLlHrFvEK_yuj5PQuZH79MmhtKqVAEdvEyyh9eUI4ArN-NpX9Swjad23DajRPPkrYETun3Rw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AD4C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AD4C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 6DB9 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:20 GMT
Content-Encoding
gzip
Age
164808
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:21 GMT
Server
ECS (mil/6CE4)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:20 GMT
Content-Encoding
gzip
Age
164808
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:21 GMT
Server
ECS (mil/6CE4)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
animejs.js
static.criteo.net/animejs/ Frame 6051 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=Xzn5qn-PjNhsYf6Tg2wBNgno
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28989766
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Thu, 16 Feb 2023 09:05:07 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2Flogotesa-SE-73709DE.gif%3Feb%3D1&v=3&w=400&s=x_XrGTJUeLDq-9DOX_IUad__&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1982
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001818
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoCapgemini-Invent-22500DE-2108181202.gif%3Feb%3D1&v=3&w=400&s=PFekcj3JZYAeSQ7huNKuc3SC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2195473
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
expires
Tue, 12 Apr 2022 06:13:33 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135229
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr._Oetker_Tiefk%25C3%25BChlprodukte_KG_Wittlich_69120DE.gif%3Feb%3D1&v=3&w=400&s=OMxEI_EPnsWhT0o5hg80Ua7h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2324
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoM-M-Software-GmbH-24210DE.gif%3Feb%3D1&v=3&w=400&s=Cv52b1v7srz8f7s6InZOWBw5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2f27f0a2ebcd6e8cb2b682750bcf5d073b033dbcecbca0b8431176609d889da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3214
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoB-S-GmbH-Logistik-und-Dienstleistungen-102868DE-2005221026.gif%3Feb%3D1&v=3&w=400&s=x8LJwOgK24se6SXZtiiubrAc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2208259
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7262
expires
Tue, 12 Apr 2022 09:46:40 GMT
img
pix.eu.criteo.net/img/ Frame 6051 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoClariant-SE-33091DE.gif%3Feb%3D1&v=3&w=400&s=5TF0a7BE9e9jVm_j0BiCNnBP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bea003cfb20cb7a02f3d991a04b53d78142076475ec00f981d55147421a7f753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2203972
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1154
expires
Tue, 12 Apr 2022 08:35:13 GMT
all
csm.eu.criteo.net/ Frame 6051 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=N6fIxX8m309QXgpdVjm3Rsyllzf2QZNL5WT8kWomWYT2mwi6CEHo3VrMjRRYOVgL6LQA4_a9eYDOAGQCrlpJO8tTqTGOyTKf0A9wOPiiujCwZKYfk0zauZOTO9C_k_ZtNwGzVYnr3KpPFEkXPE1iljoxETq6nxeQ73g1Y5IiDc8GIWVnillAaPgJh-WsfDNCwcKKDqMEAjp0dOnNNV_jSUjwM0bVGPz4lBEohH_Fm7m9cQHT26Lo_n7RnXF9YyfTAPOU3A&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6051 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6051 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEVU8CHkaPAAyfC9FjAq2If5WfIw0mCw&u=%7C53p4L%2Bu0rWM%2BTsyFqirdRWCTyUNie9PYtftzCAkF%2FHg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZ70Q6dia6bMfzyoS-aYT9Fx4ee-Awz8y4_TTAPGhvJRXzrsiDKrq10REObWzELP_66DRq458QX0gR7eWxdPlXaZT8SKOEAclUUMGNM4GccGo52zFKHTXtnRSBR_VaLD5HZz1rspDQQOPIas2FB3_qR3ucekWhQ3wBlBlpmLLI6lY8kJpG-2SSo8ym0EuloqJ8YqIHZWStKAUx7MstTKUveKWp3ebuPatzWy2OpKSii5Wq9iecsK1HbsxygoON7JxHchBWTeYTKiYqpijra0ZYqEVqla3op5K2v3ViApRk-kwLXOpxzE-5O-Prm8PDlPT3x98ccdxl4OkQiEwFLZOIyucCPg0RpEm_R4-QgIw7G0V87g5abZfPR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-apqe5gzYs-qEY-N-cAPi76ymALJntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0G06ASU2uAT6jyKaLDBf3wKKz9gfNsbNvu4YSslJ4YhVMHE1AdtR78-YQsfhFFnMLcPLIYC8Hdm4ds1aR-OEUmPWaD7ENAD4uibJ3nXH33UvJkqlmjaOCHuS-iAylKPq295eVF2lfQP-m5twGXQzVSWPUIgKgULHblqNu8unWL5Uki6YA6NU8VqO41iLCI4kQV5PfJEhxnRVZEqxT1tAGm3q-IuzIwd8RlQJT8ulpCGpzzC_uEva2NhqlFa78TLb98o13LmDiciOk9vIgNAPZc33oUvgDhaPA--Ezm-M39V6ewH5Twtk1WhVTZUpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0boZxqM0isbECGkIQIvkt8Dlw7Cg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 924A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 924A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 924A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 924A 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 924A 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1647548539
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
_JY-XcoHyTJDrY5WOYzGplC-5ds1alzBy0Nm23-PAfaGGyr8NSr3_w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 924A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=o00D8qIgar3PdS5R9BM-mVDRxQWfi8jZN6fF6sj3OAWUxntl6C-GzJY6zHtZL5cZ0zm029EzgF5-55v4PXRfi1jqsLNzEiUsTRBQrkdh4MqLw8hiRDSsrYxbMS7TuPtnf5IDr2n9s0B_TmsO7d_0pq_WZvIUW2b0YGnPjRSGzHy45Xl0ObfTLplAy3hR9GXVlE_habXoGhGLlqJLn14--hTfsWGPMIL2UUrRy5iRVtxJi_3oGTZ_PJaNFOzJB2F9WBw6JPbtY3M4OsbwjnrBPogCKaV_3jaV23apiJhUtzB97nCif96cZEnJr53TrjBXHVzZyk-8N-RSJ3rVGg4qoJSB_KCOumKczkX3SKFcfgqsrLOUzRqkoISUhwoFT-VIeN31Wp8aESvQvyHKjitbYfK51KnV-ub4BtMvk-3Up0OdzJRnO_wAKSOc9M8FK62l2dGfOQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2576776
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 2A90 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
3c188aa99fad5c48d7282a7b12121b0c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c188aa99fad5c48d7282a7b12121b0c.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2233b5245323b0dd4fc358cfa901b52db32efbe201043b4e7ac5e5455e237ba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
3222431
edge-cache-tag
343936481254991481097575987301493665269,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
343936481254991481097575987301493665269,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
152
expiration
expiry-date="Thu, 10 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c188aa99fad5c48d7282a7b12121b0c.jpg
content-length
10940
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 07 Feb 2022 14:51:15 GMT
server
nginx
x-timer
S1647548541.634126,VS0,VE1
etag
"7f70762d7084f958817cbb196443c968"
x-served-by
cache-bwi5075-BWI, cache-iad-kcgs7200099-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/ Frame 7E0E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79d13a711332e8ab5638c5d8ab17b4fd28b4c27a6e110e6de0e53a765863a28b

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.threatminer.org
machineid
1416
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4081-HHN
pragma
no-cache
server
nginx
x-timer
S1647548541.637086,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93f393a2b1de6e84b23b0eb105987bd779b48e788c48b7a91db7becf6e237218

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
280687
edge-cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
453
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
content-length
11244
x-request-id
a11b7ccd43dedd6d5862f926a62318ae
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 14 Mar 2022 12:06:42 GMT
server
nginx
x-timer
S1647548541.637338,VS0,VE1
etag
"db036f3de24fd53ed87df577a05b01c0"
x-served-by
cache-bwi5059-BWI, cache-iad-kjyo7100066-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
943de76840269fb52eeedcfbda616580.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
219bae97d4f16ea48ffb78a363182c5ea2a3937488b03fb74a89b60d0e80aa50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1476724
edge-cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
33
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
content-length
7644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 28 Feb 2022 13:54:45 GMT
server
nginx
x-timer
S1647548541.637464,VS0,VE0
etag
"09f58cd643a292308391d9f63dd89239"
x-served-by
cache-bwi5079-BWI, cache-iad-kjyo7100169-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
tbp
15.taboola.com/ Frame 7E0E 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3343f4dfc9f0746319b18274db4d1fe7ac4c17102b98ad20c901e2d97491883

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.threatminer.org
machineid
1415
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4081-HHN
pragma
no-cache
server
nginx
x-timer
S1647548541.638560,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
45fba52f57e5a3036342c9f31469159e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c7de9bb00906bb0a8f142d28228417b097cef7eeb84456bdd531f5e9a7ec454c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
37740
edge-cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
519
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
content-length
7884
x-request-id
b024541bf9bd0b01ec4f9826406bbd6b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 17 Mar 2022 07:36:49 GMT
server
nginx
x-timer
S1647548541.638657,VS0,VE1
etag
"cc6d13c333130a9a4228046bb5d24344"
x-served-by
cache-wdc5520-WDC, cache-iad-kcgs7200046-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
75af26290d1c422fa1348137bc6a4b68.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/75af26290d1c422fa1348137bc6a4b68.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb6fe6ea51772638f8c2a04593fa4ee92717aa3d899c2def04b8509c50975e3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1421794
edge-cache-tag
419649402235686168963062171367090614525,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
419649402235686168963062171367090614525,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
224
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/75af26290d1c422fa1348137bc6a4b68.jpg
content-length
13410
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 28 Feb 2022 13:55:56 GMT
server
nginx
x-timer
S1647548541.638761,VS0,VE1
etag
"f01cf5dde89f9c09245b94dcab16040e"
x-served-by
cache-bwi5032-BWI, cache-iad-kcgs7200115-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
195cb737df8de9f19504199374e47f60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d98cbae27516de590fffa26b6d3c6a4cda56092313c4e00848b34759ed5a9a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1591728
edge-cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
648
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
content-length
7962
x-request-id
c1a86cbaea092c3eb177a73aaf6ca88f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 20 Feb 2022 09:22:38 GMT
server
nginx
x-timer
S1647548541.638841,VS0,VE0
etag
"2f5ba94376aef424c891a505b2c06be1"
x-served-by
cache-wdc5525-WDC, cache-iad-kiad7000048-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
img
pix.eu.criteo.net/img/ Frame 21FC 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F8135cf59197a4aaeaf077ce3c95d7012_uranium_banners_1200_628px.jpg&v=3&s=HZbeXGaHiwgEBZbMhh2-H80A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30316265
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
74492
expires
Fri, 03 Mar 2023 17:33:26 GMT
img
pix.eu.criteo.net/img/ Frame 21FC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2Ffab7ecdb83454ac8bef590f953ff843d_an-logo-green.png&v=3&w=2396&s=kIzrxjlGfnuY2oprpccF2lzw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30315931
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11390
expires
Fri, 03 Mar 2023 17:27:52 GMT
all
csm.eu.criteo.net/ Frame 21FC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=10_9Y38m309QXgpd_OroTo6RUdxtpoPbj_33lyIWM4-gkSipwdWGRJIzWGWcapbBDK0GOeVEl922A2YMbMWGjpF-YFdBcEvzPYZvUSMmOWmGGb6xUZ4CCYUVrnRhQ_G9Xxe7HtfEWTFCVYIDKjdYy61nA0ULnGMvdCEL2FKpSC5d7MKsiDtrgxYT1Xe7j4OrvC3sHcz9IQb7sOG6mliXwzHDxtv-9fsk6Et4jpp5KVwT5PRlATsPkYC4wK69cYJ0MvT4Sg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 21FC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 21FC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEffwCHkMJAA8DdPERq1dGt6bgudtwuQ&u=%7C53p4L%2Bu0rWN58YE5tUTS7ovOL2wpomK5zsMhbCPhDOI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827UZuL-K2XIlI_HIIoK5Yw9BJjaku2-EdFUqMZy9wvtdHma2jh0Mr4Om94qV24hCREvtjjSzBY9OMRlwBKGUyblphCb5GSrQYfustV3nP8gS9mMEW1mbwEqByUjteOu695KWM3vQwjcVB43GGzw6Xe2THuwTfPH6I3Fwzid42nRxiv9cS4HDSuk1nZWsFt6YlvSBcrbuEZgJDUmKhx_HbXdw2guMLKuDBJhJcYZTJf2bHMvCuGRZylDfM-xCCif69ZNQouFDS2qrHesz_K74b7u7PgLWQsU5DTN7chRHGiZkTccixZZ2Zq_v489QbL9pkkBCYKtxVPN2P9HPc1wn_4GKHoBK7gYc4Wlz7UWf0-8PLSKQsWbkQoCd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfdcse5gzYvz7EYmG-cAP9Ia8-AHJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJ70boV0JiyPqgDAaoE7gFP0Ae1QU__BGkr6YCbuQl3UkfK1Yizj1k-sb_SKTHmLeKLO4a2xTkuN_iBOGNQpszVMkn3YeTaVVYPv6cE1T-QeVTq6lvVkyvyeRnW8-TJ18kA7Be2GQFgo2vP3xowTT89mbAgglFbHdpnUkwxd3MSdI4pCR6MkIOaxFVaUTFbhcGPgEhc7JCHk3yeUXQHIxJoabeepb07MH1jbsJd8FY1Vma2vjJMHx8820UufRplB-cVrHp87p_zMvjDNgkBuRL4n6P999I-KpmAM0WHzM_clbQs4ZQiMBpPfW2fR4cKXfUBjVzKMvt-0WKaqrHvgAaalI351ZKE078BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_12lleO4KPSwB-GqkIMR_X3GsZUHg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 2A90 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2F8135cf59197a4aaeaf077ce3c95d7012_uranium_banners_1200_628px.jpg&v=3&s=HZbeXGaHiwgEBZbMhh2-H80A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30316265
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
74492
expires
Fri, 03 Mar 2023 17:33:26 GMT
img
pix.eu.criteo.net/img/ Frame 2A90 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=93301&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93301%2F220308%2Ffab7ecdb83454ac8bef590f953ff843d_an-logo-green.png&v=3&w=2396&s=kIzrxjlGfnuY2oprpccF2lzw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30315931
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11390
expires
Fri, 03 Mar 2023 17:27:52 GMT
all
csm.eu.criteo.net/ Frame 2A90 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lMIrt38m309QXgpdeM-hf3jPm-XQUZIk0KgzgCgpgJ3I26OG9zDqx5arnf59A-tjz3XF6_1-hcfcFWOGqtjwPDvm5xTFlc-q3YJfxs5J1GIBNdrkRygFa4NkVMHTTG7BOg0rA1eexulmm3h2V41XwsKIdzv4bvSX7gqJ1GMVoim2Fhau-CaSwgtk8T_28nARaJDpFJgvjYQlFu9MYRNP9f6ZaSYLL8wMb1PZdoOp17ZZzEIYtxI1Nxx2vFSKgYsEVJea9g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2A90 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2A90 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFXhQCHkItAAhrcCGKFIu_PvOdT-9SKQ&u=%7C53p4L%2Bu0rWPphGaIm%2FFdHttMPf%2BxfQjPlAmgqGmWYW0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3JygHL7QPZbHQg5vtw827VIdug1IH5QSs611gFA-0cRVozMc2BBFD8gBDxD-jInhsI4iS1mf-pRLoXmySWDexqH-9_IbotiGyX2mohiwxwROdUgmjxw5Pw97S2AzjYWaC1IJ39NLZixo4wat24Km1b2F66Yo_RBimiZmpfkKfw5MV7wzocfLAA5jRNTEtKqTrG2K4bu1nvax5l_1PQoCv2tf0pbTNL4ZkD2E4eYUJTI1m5DKKObgVyPXctdq31WCGrCWeCvFtmwToCVCzanomCeb5PFmIcyzD9A1EuhCpC8VIv5J35om6a8_U8-jgvR7lFzwoSQpnwsfidUXvzk7PZ26T86gxSOFqzb58KnaIJARXGf9rhzdbQ95c9xDJMatqZKfR7xNFBr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCevyde5gzYpS8Fa2E-cAP8NahwAHJntKxXI3w4taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBO4BT9Au4N9rNKlgPoPrun2FJw2X4b2xc_gRfAliicDTR3QVvl_CzV2VAFNje0sYOMARk5LpqzZjJZJb8VUXAs2Kf1R-dyIHGDBR6Zfxri8OzECL7GbLXkPZ7wn_UEK2Lz2f_bIwZGL_eiohLGTntH6ZORC_3kjoWS-SsR3PaR1WMLba9szZl9Zqqi6NxJ_ML-y_x_i4cVPvFdtdW7nO5e2AqopLJw-FBel_Qa-9Rf3cc779RbcjL8c73EPSQXuUR2z_THRrATPqRAGLuGbUIv0cCXtyOu3R9vaurqLaghxo9PT_40lQPNWBYHqI0EyVBIAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KvSr1BN8xW0sJ85gB8bUbjlt_dA%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 855B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJ-Ua-wXl-SAMR05jCwmqClKBIx2QCOJBoqopu7wmPeoz0UjSjsiPPrui-FaVb66KNnQEcdg83eI5u8oMQ2XDIHA&sig=Cg0ArKJSzJWGa_YhNtkKEAE&id=lidar2&mcvt=1073&p=0,0,250,299&mtos=1073,1073,1073,1073,1073&tos=1073,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1382012186&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647548539120&rpt=487&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=6visu8p1nvuuth&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=threatminer&zone=thread&version=4c17dbce49f331e55ae0e3654575eb6a&page_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=5993718
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
415b2ac65c7d1b6df1383922a2275fda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/415b2ac65c7d1b6df1383922a2275fda.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e68f00a9da4c1a595c5a1ae865ef53156d34239deabf20ec018734bcbbc637e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
4414038
edge-cache-tag
335680939579248661493744367728157286530,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
335680939579248661493744367728157286530,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
expiration
expiry-date="Sun, 30 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/415b2ac65c7d1b6df1383922a2275fda.jpg
content-length
5998
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 30 Dec 2021 16:45:01 GMT
server
nginx
x-timer
S1647548541.735320,VS0,VE0
etag
"9057779dd8dc0e59d29037801b8562e9"
x-served-by
cache-bwi5027-BWI, cache-iad-kjyo7100152-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
5f1d5ba45d16d21b3027a8ac607144eb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f1d5ba45d16d21b3027a8ac607144eb.jpeg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22841fbfbd90b3664e6a10924d684e69f3abc6567acac5fac9d83e89b1ff65ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
2460770
edge-cache-tag
385489854243790316348739416577429000953,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
385489854243790316348739416577429000953,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
36
expiration
expiry-date="Fri, 18 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f1d5ba45d16d21b3027a8ac607144eb.jpeg
content-length
8254
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 15 Feb 2022 11:09:32 GMT
server
nginx
x-timer
S1647548541.735440,VS0,VE0
etag
"d4120c9e94bd67839f3ecf49b68a61f5"
x-served-by
cache-bwi5071-BWI, cache-iad-kcgs7200028-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 8608
357ddf017e7a016913d2a99816a96520.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/357ddf017e7a016913d2a99816a96520.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb35c990687adce309473f322847f1ed00df5d747b878d1c1fb17ed08bb4c6d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1425441
edge-cache-tag
331637262338431415085098021364481681079,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
331637262338431415085098021364481681079,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
36
expiration
expiry-date="Thu, 03 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/357ddf017e7a016913d2a99816a96520.png
content-length
9512
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 31 Jan 2022 10:51:26 GMT
server
nginx
x-timer
S1647548541.736029,VS0,VE0
etag
"87446e6c385ef4aea9b830a03e955e15"
x-served-by
cache-wdc5565-WDC, cache-iad-kjyo7100074-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
edf611c43d4542531888c3d1a31ba942.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edf611c43d4542531888c3d1a31ba942.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1cb0391a7350246e78b832768ac97c5c45b7375a8d6d03f9f72c90ce3e6b45c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
2488711
edge-cache-tag
567986803542660119462745307891726157490,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
567986803542660119462745307891726157490,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
87
expiration
expiry-date="Thu, 17 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edf611c43d4542531888c3d1a31ba942.png
content-length
6034
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 17 Jan 2022 15:46:45 GMT
server
nginx
x-timer
S1647548541.736195,VS0,VE0
etag
"ed89d241173a4a1d86b4291b6c538a0d"
x-served-by
cache-bwi5071-BWI, cache-iad-kiad7000140-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
943de76840269fb52eeedcfbda616580.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
219bae97d4f16ea48ffb78a363182c5ea2a3937488b03fb74a89b60d0e80aa50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1476724
edge-cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
33
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
content-length
7644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 28 Feb 2022 13:54:45 GMT
server
nginx
x-timer
S1647548541.736313,VS0,VE0
etag
"09f58cd643a292308391d9f63dd89239"
x-served-by
cache-bwi5079-BWI, cache-iad-kjyo7100169-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
5caf2e65bec1862417560f766e3017ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69d3945a8d076a254a46eacaee06ae6cf7db0306c8727fd7c451f23c3a2b26ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
3164341
edge-cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
112
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
content-length
29726
x-request-id
959079ffd786581231ed20a2ea40f354
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 22 Jan 2022 00:27:45 GMT
server
nginx
x-timer
S1647548541.736399,VS0,VE0
etag
"0a4c867f6f6dfd844a117a9a44931b11"
x-served-by
cache-wdc5570-WDC, cache-iad-kcgs7200035-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=6visu8p1nvuuth&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=threatminer&zone=thread&version=4c17dbce49f331e55ae0e3654575eb6a&page_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com%23gsc.tab%3D0%26gsc.q%3Dip.acc.sogou.com%26gsc.page%3D1&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=5993718
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:22:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
j5FK-xqV
pbs.twimg.com/card_img/1503869678833311745/ Frame 6DB9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503869678833311745/j5FK-xqV?format=png&name=800x419
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEA) /
Resource Hash
f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
162308
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
24299
x-response-time
248
surrogate-key
card_img card_img/bucket/2 card_img/1503869678833311745
last-modified
Tue, 15 Mar 2022 23:02:06 GMT
server
ECS (mil/6CEA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9800fad6bb6344ffe5b35eea87f64a1006f082d5094aa3c6c6b344c448253180
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
d_Ec54wO
pbs.twimg.com/card_img/1499742163705360384/ Frame 6DB9 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1499742163705360384/d_Ec54wO?format=png&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
310918
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
22774
x-response-time
238
surrogate-key
card_img card_img/bucket/2 card_img/1499742163705360384
last-modified
Fri, 04 Mar 2022 13:40:50 GMT
server
ECS (mil/6CE6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8f1862f7f570ee9410e6040ec6009081b649a2afcff22d1110829c31dc2500bd
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
HQWxE4e6
pbs.twimg.com/card_img/1503706247786287107/ Frame 6DB9 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503706247786287107/HQWxE4e6?format=png&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
201297
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
27527
x-response-time
274
surrogate-key
card_img card_img/bucket/7 card_img/1503706247786287107
last-modified
Tue, 15 Mar 2022 12:12:41 GMT
server
ECS (mil/6CE8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bc2bc074372225456c94d66f4b2e47e5db0b78eb7dd98935f705ad90d34f991f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
gXNXeni9
pbs.twimg.com/card_img/1504217905516318724/ Frame 6DB9 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1504217905516318724/gXNXeni9?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF0) /
Resource Hash
7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
78877
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
46803
x-response-time
262
surrogate-key
card_img card_img/bucket/5 card_img/1504217905516318724
last-modified
Wed, 16 Mar 2022 22:05:50 GMT
server
ECS (mil/6CF0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
42819c73ee507d1d88ac8da4ee93694fe498c5e2dfe41806aba36dda53eea4a3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
rizT9sQe
pbs.twimg.com/card_img/1503738367548211201/ Frame 6DB9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503738367548211201/rizT9sQe?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF4) /
Resource Hash
268dfb1131e147b12fe728c27f9e8186fa739a25a9ab7d70946d9e8d1d5b597a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
193814
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
21586
x-response-time
265
surrogate-key
card_img card_img/bucket/5 card_img/1503738367548211201
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
ECS (mil/6CF4)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
cd9ea3246dbd77fdc928a145b801d8d641be4b0bd6401e017e21ca9ea259e453
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
mbx8mGDx
pbs.twimg.com/card_img/1504263718779170823/ Frame 6DB9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1504263718779170823/mbx8mGDx?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEC) /
Resource Hash
edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
67512
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
26818
x-response-time
245
surrogate-key
card_img card_img/bucket/3 card_img/1504263718779170823
last-modified
Thu, 17 Mar 2022 01:07:53 GMT
server
ECS (mil/6CEC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f1d5cf86a4ac3062e7b4242386206f97bab10c239e623172000bb2d536db5263
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
vO8hHfAO
pbs.twimg.com/card_img/1503605537594052610/ Frame 6DB9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1503605537594052610/vO8hHfAO?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
225320
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
24904
x-response-time
293
surrogate-key
card_img card_img/bucket/3 card_img/1503605537594052610
last-modified
Tue, 15 Mar 2022 05:32:30 GMT
server
ECS (mil/6CEB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4bbfef27e81e9df0ac7c18fd715fa356ee2809b47eb7834b498da1442f4fa1a2
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
3UAW7s5h_normal.png
pbs.twimg.com/profile_images/653471756741685248/ Frame 6DB9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/653471756741685248/3UAW7s5h_normal.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
268413
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5151
x-response-time
122
surrogate-key
profile_images profile_images/bucket/7 profile_images/653471756741685248
last-modified
Mon, 12 Oct 2015 07:24:22 GMT
server
ECS (mil/6CE6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7f51c74e9aff46e897d4d943c1e62bc53b58d7dfcd75d0110bb950284b785686
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
aMbi352I_normal.jpg
pbs.twimg.com/profile_images/1481284390932074499/ Frame 6DB9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1481284390932074499/aMbi352I_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF4) /
Resource Hash
5f82d10b244c0811546fce6bc98e767655bceee2b7f41c6b41aef2e630a1ace8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
103484
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
2567
x-response-time
121
surrogate-key
profile_images profile_images/bucket/1 profile_images/1481284390932074499
last-modified
Wed, 12 Jan 2022 15:16:14 GMT
server
ECS (mil/6CF4)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a872bdc1eded72a7408842fc2202e36e0be82e405c6ab0bfba06f4873b07a532
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
5q1AbFXy_normal.jpg
pbs.twimg.com/profile_images/1346196937985433601/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1346196937985433601/5q1AbFXy_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEE) /
Resource Hash
91b4ac439a88193b25a302f46fc9a2b0c5455ca4b1f30b7406a541fbc6201200
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
131842
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
2263
x-response-time
121
surrogate-key
profile_images profile_images/bucket/0 profile_images/1346196937985433601
last-modified
Mon, 04 Jan 2021 20:46:55 GMT
server
ECS (mil/6CEE)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bccf6255a5f9dc080ea62b70826584c87d89839c672cc030494eb5d12305b467
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
bMS2a9P1_normal.jpg
pbs.twimg.com/profile_images/1294860240299728897/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1294860240299728897/bMS2a9P1_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CED) /
Resource Hash
91ccad943b75171869dacbe5c42de58887b92a1d9fbc567651ade87e7193984d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
46456
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
1883
x-response-time
110
surrogate-key
profile_images profile_images/bucket/5 profile_images/1294860240299728897
last-modified
Sun, 16 Aug 2020 04:53:13 GMT
server
ECS (mil/6CED)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4dc3b0a7191fd01e7cbbc1c5b0a53c6cb9256d80f395064e6ab22f4754c864db
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
XHt2EJFn_normal.jpg
pbs.twimg.com/profile_images/753748648085848065/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/753748648085848065/XHt2EJFn_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF8) /
Resource Hash
5a7b3090bd9f8835e6add21f9c4e519a19af8fcedb40d3e9488d0e5e23a2fe36
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
201363
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1807
x-response-time
111
surrogate-key
profile_images profile_images/bucket/0 profile_images/753748648085848065
last-modified
Fri, 15 Jul 2016 00:28:56 GMT
server
ECS (mil/6CF8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
96775d8a2de8811049b82b73c026344a5b99254d8ee680be9c5890d44c5b946c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
xWoK6KuP_normal.jpg
pbs.twimg.com/profile_images/1463883343079088138/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1463883343079088138/xWoK6KuP_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF8) /
Resource Hash
70f157c3fb7e1d05c83d4f8f269d9c6b67203e37863329eefc5202b97af308cc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
14826
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
2035
x-response-time
111
surrogate-key
profile_images profile_images/bucket/3 profile_images/1463883343079088138
last-modified
Thu, 25 Nov 2021 14:50:41 GMT
server
ECS (mil/6CF8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
955c999198b524328c98afd7924f666b5f2349965eb156a830542a7e49f60f30
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
5MAHUhST_normal.jpg
pbs.twimg.com/profile_images/1367943482053115905/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1367943482053115905/5MAHUhST_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CFA) /
Resource Hash
28350b1ee2c38c7a5eb134d520dedd01ab578d81c2ebe814e63e5d212c6ab1f1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
456653
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length
2111
x-response-time
113
surrogate-key
profile_images profile_images/bucket/0 profile_images/1367943482053115905
last-modified
Fri, 05 Mar 2021 20:59:55 GMT
server
ECS (mil/6CFA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
05d28eb12356820d117b493ef655264945d6959c6ce97c6e689a5e7809974706
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Zpfst2wh_normal.jpg
pbs.twimg.com/profile_images/1165118373585403904/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1165118373585403904/Zpfst2wh_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF5) /
Resource Hash
999a740fc678f340320d75cf6083acc26c1d005b81d6819cc3af4598b328d503
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
351749
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1959
x-response-time
117
surrogate-key
profile_images profile_images/bucket/6 profile_images/1165118373585403904
last-modified
Sat, 24 Aug 2019 04:25:21 GMT
server
ECS (mil/6CF5)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9360bf0dd4c78774c5b47652edf1e48747ea3e10c2967e77e55d548268231fea
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
0YdvRUp3_normal.jpg
pbs.twimg.com/profile_images/1233771657581547523/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1233771657581547523/0YdvRUp3_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDF) /
Resource Hash
1de1b94f2eb27f99f30e3a3afdfc9db5333cca95520d2342b73ee5db60fd8bae
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
82948
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1959
x-response-time
107
surrogate-key
profile_images profile_images/bucket/0 profile_images/1233771657581547523
last-modified
Sat, 29 Feb 2020 15:09:00 GMT
server
ECS (mil/6CDF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
347ce7e9ff2ea827cb390a2d0553a30252600c6e03f309fe53de91d8c4285da3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
PpXyevIF_normal.jpg
pbs.twimg.com/profile_images/817871248063610881/ Frame 6DB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/817871248063610881/PpXyevIF_normal.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
605eefd6f113ffc50e197d237861a4fbfefc52a781370ed5ad047e2e32632091
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
76356
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
1883
x-response-time
110
surrogate-key
profile_images profile_images/bucket/9 profile_images/817871248063610881
last-modified
Sat, 07 Jan 2017 23:09:15 GMT
server
ECS (mil/6CF6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
34d7b04352a988fff6163ce229ca2f4d8f888b99dcdcd99068ca478484f76f47
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E520b31VIAMiSRo
pbs.twimg.com/media/ Frame 6DB9 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/E520b31VIAMiSRo?format=jpg&name=small
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF5) /
Resource Hash
bdb581fa06f3f03a95aabe175a9d30c381faaf15cc34c35a0ff4c5cc13c45f48
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
297229
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
38316
x-response-time
117
surrogate-key
media media/bucket/3 media/1413484249001304067
last-modified
Fri, 09 Jul 2021 13:02:40 GMT
server
ECS (mil/6CF5)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
47b9e591a12b30792b7102048cc98d98b2a9d51f15f7ea81f14428970260e372
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
EJQs_KmUcAAujwA
pbs.twimg.com/media/ Frame 6DB9 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/EJQs_KmUcAAujwA?format=jpg&name=small
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE5) /
Resource Hash
058b7f33a61ef0de50995d1e74f6d171f0923c3305824a47bf588c6c4cf2fd8a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
429687
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
31653
x-response-time
115
surrogate-key
media media/bucket/9 media/1194629264848482304
last-modified
Wed, 13 Nov 2019 14:51:06 GMT
server
ECS (mil/6CE5)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
56858944702bf61d88a36d4c37981731fd20af5230ede0fb1ae676cd740809b8
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
D2wzfrBX4AEGE9H
pbs.twimg.com/tweet_video_thumb/ Frame 6DB9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/D2wzfrBX4AEGE9H?format=jpg&name=small
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
3d56f2bc68d9d190a05df1dc24bd2653eaff3c20660fa4e8b4fda71ebd8ada64
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
45998
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
3024
x-response-time
109
surrogate-key
tweet_video_thumb tweet_video_thumb/bucket/1 tweet_video_thumb/1111319827271114753
last-modified
Thu, 28 Mar 2019 17:29:08 GMT
server
ECS (mil/6CEF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5f01f82c395d24254e8cb56df1d4fbb9182dad2a7c0e9285b870da31d5eb3aa9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
D1ErO9GW0AQ_Cn_
pbs.twimg.com/tweet_video_thumb/ Frame 6DB9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/D1ErO9GW0AQ_Cn_?format=jpg&name=small
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
0df35dc4906a0b5425ab3e2dd3e7b4aee3c01734f8966c3f38aade193df6bbca
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
426830
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
4144
x-response-time
110
surrogate-key
tweet_video_thumb tweet_video_thumb/bucket/9 tweet_video_thumb/1103710919601868804
last-modified
Thu, 07 Mar 2019 17:34:03 GMT
server
ECS (mil/6CF6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b2b51f62508217ea6c24aace6e94c0cbfc66f7566f1b11c86c242858000e6760
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
D05-zlYXgAUGuMn
pbs.twimg.com/media/ Frame 6DB9 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/D05-zlYXgAUGuMn?format=jpg&name=small
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
4a2266339c6f702080a356cb4823f95f42dfb25eb49dc3b5f6d56711761379a6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
age
541381
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
43575
x-response-time
108
surrogate-key
media media/bucket/5 media/1102958383425093637
last-modified
Tue, 05 Mar 2019 15:43:45 GMT
server
ECS (mil/6CF6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
e7f1ed472bff1bc052b4789398118f5cfb94b509a19569d4f8e1bfd933f3006d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/ Frame 7E0E 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront), 1.1 varnish
age
73324
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
23743
x-served-by
cache-hhn4081-HHN
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1647548541.788469,VS0,VE0
etag
"b683c290896a82c974838a04b4ea4aff"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WiS0fh_cXILKTu8bUdrsdhq5IsQD6YXsCWXO_RK6jQQzsgdiU8eYFQ==
x-cache-hits
10
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame A1CC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
1027342
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4081-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1647548541.791556,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
41600
activeview
pagead2.googlesyndication.com/pcs/ Frame 68F5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt1-Du_dpPLy6OEhPjn4SeLuYI7IIiBI4YTroctMw4cD9oMu-R-jDiTUZ7Hw6uLZ-UoggEGGK9-pR4b4wD7zzyPg&sig=Cg0ArKJSzMA7GwjHBvFKEAE&id=lidar2&mcvt=1077&p=0,0,200,1182&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2644663765&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647548539229&rpt=470&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 6DB9 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C76) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32048
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (mil/6C76)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
f2d71a88dc5e2516ed6eb8b6e7ac7b5ce3a09eb5474e23db12934ea2374fa4cf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 24 Mar 2022 20:22:20 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C76) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32048
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (mil/6C76)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
f2d71a88dc5e2516ed6eb8b6e7ac7b5ce3a09eb5474e23db12934ea2374fa4cf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 24 Mar 2022 20:22:20 GMT
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame 7E0E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
1027342
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4081-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1647548541.835883,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
41601
3c188aa99fad5c48d7282a7b12121b0c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c188aa99fad5c48d7282a7b12121b0c.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2233b5245323b0dd4fc358cfa901b52db32efbe201043b4e7ac5e5455e237ba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
3222431
edge-cache-tag
343936481254991481097575987301493665269,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
343936481254991481097575987301493665269,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
152
expiration
expiry-date="Thu, 10 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c188aa99fad5c48d7282a7b12121b0c.jpg
content-length
10940
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 07 Feb 2022 14:51:15 GMT
server
nginx
x-timer
S1647548541.841239,VS0,VE0
etag
"7f70762d7084f958817cbb196443c968"
x-served-by
cache-bwi5075-BWI, cache-iad-kcgs7200099-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93f393a2b1de6e84b23b0eb105987bd779b48e788c48b7a91db7becf6e237218

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
280687
edge-cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
453
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
content-length
11244
x-request-id
a11b7ccd43dedd6d5862f926a62318ae
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 14 Mar 2022 12:06:42 GMT
server
nginx
x-timer
S1647548541.845311,VS0,VE0
etag
"db036f3de24fd53ed87df577a05b01c0"
x-served-by
cache-bwi5059-BWI, cache-iad-kjyo7100066-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
943de76840269fb52eeedcfbda616580.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
219bae97d4f16ea48ffb78a363182c5ea2a3937488b03fb74a89b60d0e80aa50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1476724
edge-cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
444910687945873722450631421443045237597,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
33
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
content-length
7644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 28 Feb 2022 13:54:45 GMT
server
nginx
x-timer
S1647548541.849925,VS0,VE0
etag
"09f58cd643a292308391d9f63dd89239"
x-served-by
cache-bwi5079-BWI, cache-iad-kjyo7100169-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
45fba52f57e5a3036342c9f31469159e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c7de9bb00906bb0a8f142d28228417b097cef7eeb84456bdd531f5e9a7ec454c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
37740
edge-cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
519
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
content-length
7884
x-request-id
b024541bf9bd0b01ec4f9826406bbd6b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 17 Mar 2022 07:36:49 GMT
server
nginx
x-timer
S1647548541.854517,VS0,VE0
etag
"cc6d13c333130a9a4228046bb5d24344"
x-served-by
cache-wdc5520-WDC, cache-iad-kcgs7200046-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
75af26290d1c422fa1348137bc6a4b68.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/75af26290d1c422fa1348137bc6a4b68.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb6fe6ea51772638f8c2a04593fa4ee92717aa3d899c2def04b8509c50975e3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1421794
edge-cache-tag
419649402235686168963062171367090614525,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
419649402235686168963062171367090614525,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
224
expiration
expiry-date="Thu, 31 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/75af26290d1c422fa1348137bc6a4b68.jpg
content-length
13410
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 28 Feb 2022 13:55:56 GMT
server
nginx
x-timer
S1647548541.864814,VS0,VE0
etag
"f01cf5dde89f9c09245b94dcab16040e"
x-served-by
cache-bwi5032-BWI, cache-iad-kcgs7200115-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
195cb737df8de9f19504199374e47f60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d98cbae27516de590fffa26b6d3c6a4cda56092313c4e00848b34759ed5a9a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:20 GMT
via
1.1 varnish, 1.1 varnish
age
1591728
edge-cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
420576888841939107814244004741557393202,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
648
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/195cb737df8de9f19504199374e47f60.jpg
content-length
7962
x-request-id
c1a86cbaea092c3eb177a73aaf6ca88f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 20 Feb 2022 09:22:38 GMT
server
nginx
x-timer
S1647548541.864948,VS0,VE0
etag
"2f5ba94376aef424c891a505b2c06be1"
x-served-by
cache-wdc5525-WDC, cache-iad-kiad7000048-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
animejs.js
static.criteo.net/animejs/ Frame 924A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=VeFegqT8bXFJP1TUO2R8q-fm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29522910
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 22 Feb 2023 13:10:51 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoFALKENSERVICE-SECURITY-e-K-290081DE-2202081350.gif%3Feb%3D1&v=3&w=400&s=zChjUjeY6x2C7EIMaxgtIWnA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2071632
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5186
expires
Sun, 10 Apr 2022 19:49:33 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2561901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1244
expires
Sat, 16 Apr 2022 12:00:42 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoCoroplast-Fritz-Muller-GmbH-Co-KG-30584DE-2007220954.gif%3Feb%3D1&v=3&w=400&s=dDSl07gOS-0dwERLeszgubI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1001818
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6352
expires
Tue, 29 Mar 2022 10:39:19 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEnergiequelle-GmbH-68961DE.gif%3Feb%3D1&v=3&w=400&s=De3iQUblG-UpuaDmzQhrdtLw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e8674372b3d629c4eb40e69746fad5cf5c7f60b258ba101b7bc29c1a95f8bdc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2374241
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1086
expires
Thu, 14 Apr 2022 07:53:02 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRohde-Schwarz-Cybersecurity-GmbH-171555DE.gif%3Feb%3D1&v=3&w=400&s=qv2CTmtIW0KgtnhgJOFkv3GY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2135228
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1066
expires
Mon, 11 Apr 2022 13:29:29 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoRhenus-High-Tech-GmbH-235305DE-1910011802.gif%3Feb%3D1&v=3&w=400&s=evpZoeOJR2oEv325ByhAP2ea&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c7a3356bbfa6bcd2ce4d0d21542f2cc2a7ff5a7fb2624ed8fd9982479d9db1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2174615
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2192
expires
Tue, 12 Apr 2022 00:25:55 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoCapgemini-Invent-22500DE-2108181202.gif%3Feb%3D1&v=3&w=400&s=PFekcj3JZYAeSQ7huNKuc3SC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2195472
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1482
expires
Tue, 12 Apr 2022 06:13:33 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=400&s=TW6-M6NoE1cuB36irgUkZ_Qy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=159
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2446
expires
Thu, 17 Mar 2022 20:25:00 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoB-S-GmbH-Logistik-und-Dienstleistungen-102868DE-2005221026.gif%3Feb%3D1&v=3&w=400&s=x8LJwOgK24se6SXZtiiubrAc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2208259
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7262
expires
Tue, 12 Apr 2022 09:46:40 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoHeidelbergCement-AG-25005DE-2112211726.gif%3Feb%3D1&v=3&w=400&s=E81ggT6F8lEEKth-kmEqw3BP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6166ab45c9bd0aea7b8a250968d9274a213adeac336dc687b8d3263c9b5ab809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2618
expires
Sun, 12 Mar 2023 20:22:20 GMT
img
pix.eu.criteo.net/img/ Frame 924A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoHGK-Shipping-GmbH-249676DE-2112291354.gif%3Feb%3D1&v=3&w=400&s=H1kBx7gLwvOZEseKaN5tvXkZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d01bc02c49e71e9703a7dff06bceff534948649edc22a40d742c510a4dd24a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1269514
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1506
expires
Fri, 01 Apr 2022 13:00:55 GMT
all
csm.eu.criteo.net/ Frame 924A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OTiQ6H8m309QXgpdpyzOVnOk8NhOsiFvbs2RqcKHAURWBLgOK-NV0UCtuTBtawl0X8oVI10Wn7Q_MtoZ3bTQaCZ4Y_yezWrvOWBSSv8uWMI2cbG-KouEh_qYcSbHRLhQNBRQSXxO7mJc3T5L3diFybIXiUU4DJaZGe1hWYdkPXTxYU4vkj1A82FVuFeHTrlOTbGDLIPhBWpQc7Tv9LoQV6Dz9tF6RpbhgYbJRvZfngNlbEJuHMn6cacso5JgH9caNJ0iig&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 924A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 924A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEavYKGRsCAA0K8fBPL5xdFtQ0QUk4Yw&u=%7C53p4L%2Bu0rWOy%2F1rxsRFMKk8g3%2FwCUHl5uNb%2FH5tIBVw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfbhC2m1A6WTTEufLo8HoGRYa45YGGUAqy4AywvQ9yT2o3NG4NRf_zk2AHO8p_D4_vw6pd7lHRffu6TqJCil9_8wBCVgY4uxrNspSo4_0e9Fz2qaio3WlqPiJDlw2CDCbzwuVhocKugljEil8NHkN2XJEXiZLjCB-dHZGuBvlyFLWUBh8H6TNRYvPhKYE8upM2qF-YvQ2jZrVsDCvlp5cmwVGtYuHqqJejZdW7IyszhHn9egG93dVJ1d5rIP_GHpsj7NCxxq1OSQLPk_b6zBrSs8zu-oJNdPL0PVFkzqCHjXQrB7NsjN51SLc-b2Ll2inWvRJlf0YEjtQ7cWS1O7cFJNcqI5k7jO0e8H115i6cF0LCzf_ugHj5Xv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCobgwe5gzYvbVEYK2ZPGVtPAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBO4BT9CEZO93g4eJ6gbs4-12BnhlNfLYyQfUue_RqEvSbo37BXK1SQ2V600cP_YMd8-9y5ND-C_PXc8M-OTEk71GwryjLL6Cbsu45lNN-BMskkbVG1B8_aSSudt4V2-AfTCDvQtQE-UOTQ7Nko9OuSLwZ9LDJ-xN697JYQ5jULaSsyblRyeMV8RN4VRfGDjEHO3Nmi8mBpA83pezEOFdsUQO54FYZDRODyCt-XC4u1rHTVG0YZyr9CN4ivDte_b8frmIA-iDNIUONNBzr0kNWKs4jhacuUok5PEeyzwPQvZlEoST52NQieE1czH8U3H0noAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0uiMg3xn3GRAMDHZFAVg0e76_qKw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:20 GMT
st
imprammp.taboola.com/ Frame 9A03 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=C05D40C1161189486266612269&cicmp=1337627&cijs=1&dast=V7WAoCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHUNYjUiDDWMxWyyGy9FwNlktFpPVbrMcLCZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZwoOl0-Fz3et3vdxcdLS-H6e20uyx3veXnlwMAAADAAwBRSzTEjm9DewQAAACABM_ItQJFQMW_hcAFAAAAAAYAgVi4BgAUR4K4TqfP6WEy_QMA4EEBBABAACMEoPnqUAQAAABgBAAAwIEEQCCxsATA4W7RBAAg4C9zsfTtBAAA4KBO5mmb5f___z8GIO-9SQaAIm3jxqAH4MEH4EEIAADgY2heLGyqWWVjlKiAtIgRAAAAQDbQ5cHRpE6oLKr-____rQCuAAAC_jIXSxuzbk6KWcMAAAAAxhboYfH7zQ67xu922f________-_2f8ZAJoQk154WpANrpQaz8i1wtovIAAA27sBALwJwMUcgB0AAADA3f___38eAABAxx4l22s1nj3Kep_BFj6nu7t-E7YYrSaTzXI4Wy4mg-FoOBrtTyCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnIIIvdXDaaK1aLuW6VAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1647548541.000607,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
age
2104923
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4081-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1647548541.000431,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
96831
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
age
2105756
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4081-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1647548541.000492,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
89832
st
imprammp.taboola.com/ Frame 5474 		0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=A15619C53D93291906447012027&cicmp=1337627&cijs=1&dast=V72bcCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMFYzRbLDWszYm4my8VysFosJ5PVYjVZLJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOBHGdTp_Tw2T6BwDAgwIIAIAARghA89WvCAAAAMAIAACAAwmAQGJhCYDD3aIJAEDAX-aiKfgJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDH0JM5wL7OkFwjUcFhESMAAACAbKDLg6NJnVBZVP3___9bAVwBAAT8ZS6avmfdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANCEmvfC0IBtcKTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAICQPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNqfQC4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYZ4UHUunc-r85FBFru5bDRXrBZz3SoBAAAAAAAAACxhyrwJAAAAwGkQs9lkt1tx482eCWKtVssaAAAAgFs3cg!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1647548541.000707,VS0,VE259
content-length
0
st
imprammp.taboola.com/ Frame A1C7 		0
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6B9F81A2E19326812943420965&cicmp=1337627&cijs=1&dast=V7DHUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDZhzoiLBWXFWG4ms-FiMlwsdoPVYrVbDZYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOBHGdTp_Tw2T6BwDAgwIIAIAARghA85WvCAAAAMAIAACAAwmAQGJhCYDD3aIJAEDAX-aiafQJAADAQZ3M0zbL____fwxA3nuTDABF2saNQQ_Agw_AgxAAAMDHkDteeesfJacPUQFiESMAAACAbKDLg6NJnVBZVP3___9bAVwBAAT8ZS6apmfdnBSzhgEAAACMLdDD4vebHXaN3-2y_________3-z_zMANCEmvfC0IBtcKTWekWuFtV9AAAC2dwMAeBOAizkAOwAAAIC7_____zwAAACWPUq212o8e5T1PoMtfE53d_0mbDFaTSab5XC2XEwGw9FwNNqfQC4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYZ4UHUunc-r85FBFru5bDRXrBZz3SoBAAAAAAAAACxhyrwJAAAAwGkQs9lkt1tx482eCWKtVssaAAAAgFs3cg!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1647548541.000795,VS0,VE10
content-length
0
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
1326156
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn4081-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1647548541.080654,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
0O7z6VW9AL1L88cf_kIuoP_A5jN71DAJkA3vm2xv6yILK0B1A5FTlg==
x-cache-hits
34013
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1442600
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4081-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1647548541.240044,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
361916
45fba52f57e5a3036342c9f31469159e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
45fba52f57e5a3036342c9f31469159e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c7de9bb00906bb0a8f142d28228417b097cef7eeb84456bdd531f5e9a7ec454c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish, 1.1 varnish
age
37741
edge-cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
332343129876768491095563592186744983175,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
519
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
content-length
7884
x-request-id
b024541bf9bd0b01ec4f9826406bbd6b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 17 Mar 2022 07:36:49 GMT
server
nginx
x-timer
S1647548541.247410,VS0,VE0
etag
"cc6d13c333130a9a4228046bb5d24344"
x-served-by
cache-wdc5520-WDC, cache-iad-kcgs7200046-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 4
5caf2e65bec1862417560f766e3017ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
5caf2e65bec1862417560f766e3017ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69d3945a8d076a254a46eacaee06ae6cf7db0306c8727fd7c451f23c3a2b26ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish, 1.1 varnish
age
3164342
edge-cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
473510749030488951307065470310466400699,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
112
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
content-length
29726
x-request-id
959079ffd786581231ed20a2ea40f354
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 22 Jan 2022 00:27:45 GMT
server
nginx
x-timer
S1647548541.265998,VS0,VE0
etag
"0a4c867f6f6dfd844a117a9a44931b11"
x-served-by
cache-wdc5570-WDC, cache-iad-kcgs7200035-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93f393a2b1de6e84b23b0eb105987bd779b48e788c48b7a91db7becf6e237218

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish, 1.1 varnish
age
280688
edge-cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
365836330699709642365401133871586342678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
453
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg
content-length
11244
x-request-id
a11b7ccd43dedd6d5862f926a62318ae
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 14 Mar 2022 12:06:42 GMT
server
nginx
x-timer
S1647548541.281672,VS0,VE0
etag
"db036f3de24fd53ed87df577a05b01c0"
x-served-by
cache-bwi5059-BWI, cache-iad-kjyo7100066-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
udx1hbqulmwsznbiukdb.mp4
cdn.taboola.com/libtrc/static/video/v1647502594/ Frame 7E0E 		952 KB
953 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1647502594/udx1hbqulmwsznbiukdb.mp4
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05c1b47cbc0bd73b54d4ba9d4782c7038fad368d90a133c30144ca90cdacea08

Request headers

Referer
https://www.threatminer.org/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
w1jy7XUMxDYLaBcnbPbCVEOtoizYyAI8
via
1.1 varnish
etag
"ddda7d290d6ad023eceb00f0af66ccdc"
age
39
x-cache
HIT
Content-Range
bytes 0-974469/974470
x-amz-replication-status
COMPLETED
Content-Length
974470
x-amz-id-2
x0Y7ONj2FPzjVsPdWl5YWFoMZJLcwkShfxhpgmzl4vPoAup78FNlsY7uyIv0MYmXYEptP2mMODw=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 07:36:41 GMT
server
AmazonS3
x-timer
S1647548541.291923,VS0,VE1
date
Thu, 17 Mar 2022 20:22:21 GMT
x-amz-request-id
EK8HCWYQZKP741RZ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
25
x-cache-hits
0
p2ir5zp3hsomahuoskft.mp4
cdn.taboola.com/libtrc/static/video/v1636621236/ Frame A1CC 		949 KB
950 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1636621236/p2ir5zp3hsomahuoskft.mp4
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
628c4ca6a2e9b9d5537bcb63c21f00a08db72948fadf002274908eac0c839f37

Request headers

Referer
https://www.threatminer.org/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
4ZVchzla.3qns74npXpEJ86MwRvO9TvZ
via
1.1 varnish
etag
"a2a9ca0c50f6fd644e369a50d94beb7f"
age
69
x-cache
HIT
Content-Range
bytes 0-971562/971563
x-amz-replication-status
COMPLETED
Content-Length
971563
x-amz-id-2
MKedSoJRQSSnc2Q9BjKW5wq7d3yYw5OuKuU4KoSUrSecI5gfizkDSFDhTILUWI7PlVmpikasPyo=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 11 Nov 2021 09:00:44 GMT
server
AmazonS3
x-timer
S1647548541.293313,VS0,VE1
date
Thu, 17 Mar 2022 20:22:21 GMT
x-amz-request-id
ERMPQSCYHQ968V1R
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
25
x-cache-hits
0
nw6ei68ixdmmglceadvk.mp4
cdn.taboola.com/libtrc/static/video/v1647513107/ Frame 7E0E 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1647513107/nw6ei68ixdmmglceadvk.mp4
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed69c80626dd979265437b824a8b0890becd990c7fce41a2b00167c985603cca

Request headers

Referer
https://www.threatminer.org/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
MaZ_9iQ60Fj6tWz1oDSKVGIZb6YTBZIM
via
1.1 varnish
etag
"e58c20c52c79de83680781d77c5950ec"
age
72
x-cache
HIT
Content-Range
bytes 0-1198416/1198417
x-amz-replication-status
COMPLETED
Content-Length
1198417
x-amz-id-2
hJBrSXQx5JCJDe9iYmyROVHJ6LVHxMKPtWJQ2IDLUBYajoYPYlPBaN2BPUzNL3KHAkyEXk+ET7c=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 17 Mar 2022 10:31:56 GMT
server
AmazonS3
x-timer
S1647548541.306078,VS0,VE1
date
Thu, 17 Mar 2022 20:22:21 GMT
x-amz-request-id
0CGEYYJ6JPPSJTVN
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
25
x-cache-hits
0
bulk
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame A1CC 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1647548541.306200,VS0,VE9
x-served-by
cache-hhn4081-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.threatminer.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
jot.html
platform.twitter.com/ Frame 2CD6
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.threatminer.org
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
164808
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Mar 2022 20:22:21 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE9)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Thu, 17 Mar 2022 20:22:21 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Thu, 17 Mar 2022 20:22:21 GMT
x-transaction
8ece4472ceeb29b9
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-response-time
128
x-connection-hash
311d6b0604196a2bd8b11a75531159ff7c1f7deb25d6995f90854104f78f5a75
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame C97B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 23:04:53 GMT
expires
Wed, 30 Mar 2022 23:04:53 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
76648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9A3F 		116 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
763f6f1b3e047442f5350193cd50b2ce3e2f70f75b1d7f3c872e594c19380ae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 17 Mar 2022 20:22:20 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-iQcm38m309QXgpdIS42xmu7L6k9SG8ANueLKm1IuZUgP0K7cgRhUapmmFzzsHL9_sCeaFV-jS6O0vLYNVUF4axw57kL7tL1b0osTI0skO8YeSXCy_EGst0tvHDgy8O9VSOE235z9m57dfkHXhwcRN1vsMeKS3HTRw6dMxgGhiqEPxJiuVKwNWYdURmzqpSxcHnZspV5wCNHXB1WmbOoRBupoKNVHwmiN_-IOou9LXcbHqR2qXv9YhbhxS2Al1g8m4vDTw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
24592428
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame C97B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 20:12:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C97B 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 20:22:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame C97B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:46:48 GMT
all
csm.eu.criteo.net/ Frame 8F5A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ObuEU38m309QXgpd341nvFJRlpkAZ0WQxR_jhhrjxrJB33RG4HlScd2cpL2B4G8uQPlsQmxXHjAZbthL7iBDtpegP0oidvSezChsAbiaSSQevJK-rON4nCAHJbu3LDGblkw6Ayk0q2xy47iIrX0ERxhZ2AubtVkITHqSY0uM7eotVcOd5052qXw4Ji1wVELedhkZy7W_SztOIbsHV2XNh4KBqNofi2b77fXN3pmN54xQyeg3PXjSsdsUD1TgeNvo3Rg5TQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewACYC8Iu9hHAA6Zc2IMEmV7pL4UA-nx0w&u=%7C53p4L%2Bu0rWOLeLRoFW0xlvwbAwpN%2Fl7N8awjTUH7fMI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy__U_jolI7iL-L4oo_FnJwiubozSo-ehhClHR-RUc1pMORvr7HWGnt5CeKzYGx0_R3ZptaVSSnLpMm8-bs3vtYBCtohikjPe5sAD7gPCEzs1T3b7xX-L4_NFW2CtTa711-v7bWs9q-huGrUXm3LhIR7bXvVOJQK0aNg_IA--jTl4zzDy7VFQT7zrPL3Uux2KiaKXnHS9ChsP-Z-5hRlYb0RGKWYayAcK98t5b_9ThjMJdmi3Qawc1VHy5MJ-qibN0NKRP-x-GfXPWTJjF5eKQFPgpEx8oglQcP4IGkPzyE-n0zK8PEV8ee-uP-ReVkkdPxr32R5Ry_sq0ThlWXB_l_hd47Bfbsp-oulj3xHl7p-qmSWDyNVh802qC1Ykcs4ba0hQ7KQhJzbx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uELe5gzYq_ACcew7_UP87K64ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakCe9G6FdCYsj6oAwGqBOgBT9DRNPF56QzUWZ4zcJPykuEZaESU8bqsx3CXMZb-hHkR7norcLcw_bI0m6NYUSBDqSEdkdcC5LBnqRZADpFRf_UFlGCvgCEhSRrFVLMaQthoW5UnmvPtUhAfiFmHflvMI9l6R-gErI0c387QCTvH1HcAl0JRuSCxoKcyftDD1qZyjvaEfZ8STWvgDXp9PFJSze1Nqrpj35uXB59DMzsNvQE0poqLoj9OsrxXm8W2k6tIar50Y0cVUSVBnyBWbB1TajHALw1fpHJRWRbCnc4XtGJOuMJlW3sfv7Hnx5YDdy-vQ4cR75GqrYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10JrfhKJPOIpuJH7z7rbVC-2ND3w%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:21 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
bulk
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 7E0E 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 17 Mar 2022 20:22:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1647548542.638750,VS0,VE9
x-served-by
cache-hhn4081-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.threatminer.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
all
csm.eu.criteo.net/ Frame C318 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MDOf038m309QXgpdyS3GAEgsl-WdJt36C2y0xnxDDG8GFwTQuIkcdB_qz1MYqpcnsJ-FgdAt7pIHGwJqYF1gjZZdJReZyyC-c4vJugZD818WLenON_MnqXJz9AV7RIKNSkFZ_aDNwIgvNcRy-zRzO9VBpx6xI3ub6vtINQdKvHIDuec8wUQxXctbZ1iGVqRDSSsF5bs-dU1P-WysIvVyAQhJoqV3Y9rXdHoG3DIvtiUbKe98vGHF6N7IC3g3DbGMALka_g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAEBRgKwl6LAAKEXv664g0NaSbCJWcKyQ&u=%7C53p4L%2Bu0rWOz40uVORlbv9jHVFGy189UnSy90Gbl0dA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKywk3aerMLAZFsyz9DD3N0k1--LnXBitkMdeKTnUxXH-3iNVHErUWUFog4Xp6U3xcnVV4X8sI9s0oqlRGvaA5qebco6zguNpaYxSy4dJ2s9eC5-5snf4ikswnEgqm0RJN-rrR8FsiTKpzgq9eBwp9LIsJ5v-7J1U8aaxKkImkoX8fMVAHxyJqP7FajKpkP5oadx7cG947pMjTADfpHgvygaGtbKwhBq5immos8cr0fMnA4WfcjzHeH-aoirTW7lBkXgriN7_cwZ3pSu7J2oUw1P62W7EC5eVpMjCWuB0ILhYqUG642NscMcRRVw8g0MnQcZUH2M1DSgC1mcXVcg15RKoOUbfRPv9PaNTMfufnOCc9El0XbQik1nkJ1PpHMBJm5LBPJ_nJv7K3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCluXNe5gzYpiKEIu9iQbeiArJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzIwNzYzMjcxNTMyMzc3oAHVttLqA8gBCakC7Y3826ejsj6oAwGqBOkBT9D_DEO3-tH1QI137xX8ZJlO8jTLmr0MPUae-AwoZOhSE4cmZZXEVqs6ibt-ZUSHRkcu5rHwggLHSvVG5WRJWIG8mC-thCscu-YjBqQMPTTMpp5s8dhXqeK5T_MIa9zL2CSsaAldd2HmRNtHUn8cqBYC23g8g52qL7zashZhMSEz8xjDmHAA06Uwpw47sUK9EQK70QYPsvN-9f_ewcf35ahYD5usKTYKQhPjW8S0q0Ou9OtolXyL4LhYGA8-T5Jw33Epgcl-8U9xd1Rp4ODjgz_n52KTccVhIijhBf_q7386P_i20JsmeBKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_26XfUpxHuy4m_QhzKj6jNfTc9A7Q%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9A3F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9A3F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9A3F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Mar 2023 20:22:21 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 9A3F 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 12 Mar 2023 20:22:21 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 9A3F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=MdNJDaj-_nUTPhwtB1-SiGYmvmtkz__egd5rNdXkz2827PRRnC3ep8rWoay9G7xUqorrc6ZtPHS-XynjFEQVWhDsxCQNSPO5UMgiVU93FtOf5fl76ZCea59vMRtiwMArDWLhwjNqt80K4FI-Y9-0t07hWeDWCG8jClJgjwrXx24KaiTUqdVWjSXK5ITLJ_ejpN1Q2UU-ipn2n_v4g91muF2zeSsCDqY1qNNajfLtrifPp5kK1pQ6Hb0KNpNL6mV9bkETKgvhZI1Za4dBNmn1qiTg1HM34pSHYIZyuC4XvISwrz4i9F6yGMPOOnNjNUl9euzd6y0nIwiY0WSHIOGdk8dmng5OkyfsbUKOqJHlkAclIADctUYlC__FrXpRoKuh51jVHfhnr3sPAQsjkm5HXl-DNAQlNL9578kKcen6fJ4MiMIuyry3qv3fnx_8fAPDhs4X5w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 20:22:20 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3276639
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 9A3F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:21 GMT
all
csm.eu.criteo.net/ Frame 9A3F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-iQcm38m309QXgpdIS42xmu7L6k9SG8ANueLKm1IuZUgP0K7cgRhUapmmFzzsHL9_sCeaFV-jS6O0vLYNVUF4axw57kL7tL1b0osTI0skO8YeSXCy_EGst0tvHDgy8O9VSOE235z9m57dfkHXhwcRN1vsMeKS3HTRw6dMxgGhiqEPxJiuVKwNWYdURmzqpSxcHnZspV5wCNHXB1WmbOoRBupoKNVHwmiN_-IOou9LXcbHqR2qXv9YhbhxS2Al1g8m4vDTw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:20 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9A3F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9A3F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFgIcH_YEeAATCcMHQn25iYyh0iQhGYw&u=%7C53p4L%2Bu0rWMeOFko3IKmq40IyVhbf6Bgz7IwBEfQt1M%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUDrsKhjwerj6PpzHw1ip9ScxvToNTb5TffiYm79N6ISTdLjrmszPRpsKectrxegdlYTHfSF5qmViYGL13jQKExZFSD4G5IlLP80rOW81SozK2MLsSj5Nm7yWfPluJ7zrdsVeUWdVInvkEw9yI-IxyMPieNE_ibAQyAn2u6EAEsKZfa1Jw7RvqNN1GE4nycvJk2QVf8rJs-6H_-KdQm-14SPg_y08ZaCJXLT9xFXA4BVGgBYNKqqF7ZD9t6B6IejPjl3KDpnLi8XjrFm4DcWUjaoXcnRKsMKTOcyUXVy74Kbl7SFB8_f83M7WvHMY8r7CODvwT7iv3za66FHLNirg0gpPP2GhweXi1yHDr1oX1XjIxtjGOgqCxxnBVY0PkvB0Lw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9T0le5gzYoeBFp6C9u8P8IST0AfJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQJMKtfWA5OyPqgDAaoE6QFP0AXpOC6nEJu7w8odyx0lvH4eaUMALdnp26QpT4qrtBcIdpJHlTjQVVWmu3eKnjEIFpjVqb4pKJLCBieMPkWm9UqskE_TTVJgsXGG53Wsu-N5U6g13BmYrGhd8RX-WToSV_U1eiptVKYrOMgQIScNEng_5Qbzj5FIBUGIlMzPU2qstI_IAxXnecFtYcrZK7eL5vlRT4KLjhWW9ch7IWxssglTyKeXTDNZ64mruwj5RQa3QRsooPkpx42_v9GyXr9MiZVImyIBMD7jqjXeLxiTSpf_aSTl_r7qve45WkFRiJZnjJsK8NTQHYAGmpSN-dWShNO_AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2At_9YsjcV7zWxFO88moZKeTQ6Tw%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:21 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:22:21 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame A1CC 		254 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
18477
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4081-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1647548542.847469,VS0,VE0
date
Thu, 17 Mar 2022 20:22:21 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
25
x-cache-hits
3677
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 7E0E 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
18477
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4081-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1647548542.946019,VS0,VE0
date
Thu, 17 Mar 2022 20:22:21 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
25
x-cache-hits
3678
cds-pips.js
cdn.taboola.com/scripts/ Frame A1CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1540
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4081-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647548542.101243,VS0,VE0
date
Thu, 17 Mar 2022 20:22:22 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
3059
eid.js
cdn.taboola.com/scripts/ Frame A1CC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
16919
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4081-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647548542.101342,VS0,VE0
date
Thu, 17 Mar 2022 20:22:22 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
34372
/
pips.taboola.com/ Frame A1CC 		64 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
3d02c41e04bcf3ea222a276e22b80a72b1c4049c73787daf04cc3c9eac4a9cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:22 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6963-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.threatminer.org
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame A1CC 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=91430338-dd96-4fff-91eb-ac4a94df2317-tuct92d1dfb&uad=863b15218682dd48bea07d2a0370c59e5a136bf8424acd0b56ac1d917687a374
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Mar 2022 20:22:22 GMT
Cache-Control
no-store
Server
nginx
Connection
close
cds-pips.js
cdn.taboola.com/scripts/ Frame 7E0E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1541
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4081-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647548542.269512,VS0,VE0
date
Thu, 17 Mar 2022 20:22:22 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
3060
eid.js
cdn.taboola.com/scripts/ Frame 7E0E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220317-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
16919
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4081-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647548542.269630,VS0,VE0
date
Thu, 17 Mar 2022 20:22:22 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
25
x-cache-hits
34374
/
pips.taboola.com/ Frame 7E0E 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
3d02c41e04bcf3ea222a276e22b80a72b1c4049c73787daf04cc3c9eac4a9cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:22:22 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6963-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.threatminer.org
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 7E0E 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb&uad=863b15218682dd48bea07d2a0370c59e5a136bf8424acd0b56ac1d917687a374
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Mar 2022 20:22:22 GMT
Cache-Control
no-store
Server
nginx
Connection
close
all
csm.eu.criteo.net/ Frame AD4C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZTyM_n8m309QXgpddEDXZKTgYTVxGHGCFo58u56IZbrv1cMTdDWtVwv5TEH_7x_OHPBzv0uMkQ7v5koF8NSlcgkZKgVBIB76vrS00E_GVsLwlJWfXsYhKctAM1g1NnJwvMn41ESC5uzvIAm__xCk5Uywm-I_HDUtLBOLjo1VOWt07QaTEGVWgjpR9l-fW8hLlHrFvEK_yuj5PQuZH79MmhtKqVAEdvEyyh9eUI4ArN-NpX9Swjad23DajRPPkrYETun3Rw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjOYewAFBNQKwlSvAAr6C7Wf3l8tKt5G_N6MsQ&u=%7C53p4L%2Bu0rWNn4i3xCBKCIxYnCP%2FzJOWrZ%2B6D8H6ABdM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2vlXc6UG1VzF2Kd270zxfZaAgZ6Zq4A97VoyRtB5juWrbcTCGS5dG8n78RyvSsyonrnv6k0TN2Vw2r_H89DYzUrXZOjNvuLW31lxHy6-FkZboMzx3ZVxAMhxjPqpWNpcMHv0AuLjMFSxCiZzWxFxHo3-7SBq9y29En88DR45xIjItPZxf6LJOQBZh0fZIWdqUa2ll9xha5ZMkdSmEoAbOcQVwxKCzyGcmGvWwEadvbWDVpbAvwoxve1z8TZExayxcdXAviKINBd_XN5lupepBtibwGKOxQmQAM170gTU5KN3O4Ep684qGxIBDLK6IPL7uyvocqjQ7YrtvixP3_Nvke4R-EM55wfKDJGSs31b28EzobkZAVNQZI0T6iiposyj_b1AnKW3vRK1T3bvSu2wDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbmdre5gzYtSJFK-piQaL9KvwCcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3MjA3NjMyNzE1MzIzNzegAdW20uoDyAEJqQLtjfzbp6OyPqgDAaoE7gFP0MH0kXzSeUKXy-CPaWSWqNaTZOrMvVp0HkGLqX1aLbiO4XbXzH5CHKAg9a2pL_pMaoj1H7UtLRvOy3oEu5r4vwIPkmxCfrnREYX6Mj9WqcxF1r3EcdClZMfvDOWxMYjjMV2fiOOIeIySqPJGHxCa7CrAtoWauYWmDo-O3-K89l_zN-7YbQKfOQJs19Q9O-0hhtGBu5ihjv8cAT2vkIKu78DD16lEk8QiD60r8jc10z0DVbY1DjczXmGzndE4YPM6EAYnVO6moqACSd6I5FL0sqBITQbbQxcKnSoMJ3nmgxq5u1iuoFjZSLpIvUHdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04DDEXhZq359YFxJbqUUK6sxcNjg%26client%3Dca-pub-5720763271532377%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 20:22:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
disqus.com
URL
https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=ip.acc.sogou.com&t_u=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&t_d=Domain%3A%20ip.acc.sogou.com%20%7C%20ThreatMiner.org&t_t=Domain%3A%20ip.acc.sogou.com%20%7C%20ThreatMiner.org&s_o=default
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fim-usync%3Fuid%3D%7BID5UID%7D
Domain
reporting.services.disqus.com
URL
https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539358
Domain
reporting.services.disqus.com
URL
https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539368
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45fba52f57e5a3036342c9f31469159e.jpg
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5caf2e65bec1862417560f766e3017ed.jpg
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc47205c0ca2dce69b72d3f6b5ea6e0f.jpeg

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 function| structuredClone object| oncontextlost object| oncontextrestored string| GoogleAnalyticsObject function| ga object| adsbygoogle function| disqus_config function| $ function| jQuery object| jQuery1124033527038658053376 object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| _ function| setImmediate function| clearImmediate object| __core-js_shared__ object| pdfMake function| createPdf function| JSZip function| check_have_i_been_pwned function| getData function| getReportData function| getReport function| find_reports function| show_report function| checkForm function| createCookie function| readCookie function| eraseCookie object| SocialShareKit number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| DISQUS object| psl object| rt function| mkfirst function| mklast function| b function| tipclick function| tipon function| tipoff function| go function| rtgo boolean| rtpleasego function| rtcb object| __twttrll object| twttr object| __twttr function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _typeof object| $ice object| $infolinks object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| $iceId object| google_image_requests number| googleNDT_ number| googleAltLoader object| TRC number| taboola_view_id object| google_llp object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| ILVideo object| cmTag function| webpackHotUpdate function| startCMTagMain object| _taboola

56 Cookies

Domain/Path Name / Value
www.threatminer.org/ Name: PHPSESSID
Value: fsrjnpr56ab3m7efd2o6ll7n26
.threatminer.org/ Name: _ga
Value: GA1.2.738020247.1647548539
.threatminer.org/ Name: _gid
Value: GA1.2.890291527.1647548539
.threatminer.org/ Name: _gat
Value: 1
www.threatminer.org/ Name: logglytrackingsession
Value: e70ea28c-2841-4818-a961-922246b1477a
.threatminer.org/ Name: __gads
Value: ID=6082e33e6cecd8b1-22fb64ad5ecd0061:T=1647548539:RT=1647548539:S=ALNI_MZOJkIAopPNiCdrpGiFt7OQj6kt6g
.infolinks.com/ Name: cuid
Value: 9ebee591-2240-43ac-a878-44b571de4091
.casalemedia.com/ Name: CMID
Value: YjOYe9vPjP40KnObWOFA3gAA
.casalemedia.com/ Name: CMPS
Value: 5201
.adnxs.com/ Name: uuid2
Value: 6670387150791064016
.advertising.com/ Name: APID
Value: UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
.casalemedia.com/ Name: CMPRO
Value: 1150
.casalemedia.com/ Name: CMST
Value: YjOYe2IzmHsA
.doubleclick.net/ Name: IDE
Value: AHWqTUkFGRuqqHoGMJ0N7YNzD2OjjM5Tu7awdHZJwvn3lX3xFPUFFnP-HsmgcAmLFRI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.360yield.com/ Name: tuuid
Value: 3c428a9d-5413-49a9-bf5c-63d877debea1
.360yield.com/ Name: tuuid_lu
Value: 1647548539
.adsrvr.org/ Name: TDID
Value: a378dff8-b7a6-4ce2-ae34-61798a73e832
.cpx.to/ Name: cpSess
Value: 1a3a70e204a4ca85
.cpx.to/ Name: dsp_app_nexus
Value: 6670387150791064016#1647548539531
.acuityplatform.com/ Name: auid
Value: 656686392351
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBP2YxOheOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9mMToXjo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.scorecardresearch.com/ Name: UID
Value: 1447e2929391505ab2db3ed1647548539
.turn.com/ Name: uid
Value: 8186704334279025973
.infolinks.com/ Name: ANUSERCOOKIE
Value: 6670387150791064016
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi48tuU0pfEOhAFOAE.
.infolinks.com/ Name: IXUSERCOOKIE
Value: YjOYe9vPjP40KnObWOFA3gAA&1150
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003%22%2C%22nxtrdr%22%3Afalse%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmJuamJhamxpbmwIADzHHU0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjK3MLc0MLAwsBTiM9Qtr0gtDK-siDJxK08FAKRpjuUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjK3MLc0MLAwsBTiM9Qtr0gtDK-siDJxK0-V4jU0MzE3NbEwNbY0NzYEAFdXBdE0AAAA
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 3c428a9d-5413-49a9-bf5c-63d877debea1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBHuYM2ICENZXN-REyfGGfzaAlKxKUaYFEgEBAQHpNGI9YgAAAAAA_eMAAA&S=AQAAAmyyubStAYKa2thgjnSJWeU
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5108559722787900809
.casalemedia.com/ Name: CMRUM3
Value: c36233987b2760av-1ab5bd1b-95ca-4b1b-813a-649282fb6ec1&276233987b0b40&0a6233987b2760656686392351&2d6233987b2760CAESEFIKqsyw-ViXLDdaRXZ550M&116233987b05a0&e66233987b2760&f16233987b05a0&046233987b27608186704334279025973
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-4dacb8ab-8728-409c-9d1d-d87ac35c6778-003
.analytics.yahoo.com/ Name: IDSYNC
Value: 192u~23t8
www.threatminer.org/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D905492e9-08ab-4b54-b02c-7e3aed2ede47-tuct92d1dfb
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D521aae50-2b80-448d-9e76-c5a2d66e5536
.bnmla.com/ Name: rx_uuid
Value: 521aae50-2b80-448d-9e76-c5a2d66e5536
.bnmla.com/ Name: rx_maxage_1000361
Value: 1648844540
.bnmla.com/ Name: rx_sspid_1000361
Value: 1_6_170_162_175_181_19_203_213
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-hySLVRJE2uEYbL_0L1.ekD8EhUKMHj3GXXvKrzo-~A
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-U6PqO9VE2uGoPQ3ZERWsMtTi8VUMNuW4~A~UPf1ed09f4-a62f-11ec-a432-06bfa37d4102
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6cd09a647cd943e6
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1648684800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: D6526E1A-2A05-467D-AE4D-7BE12B1C08DC
.tapad.com/ Name: TapAd_TS
Value: 1647548544844
.tapad.com/ Name: TapAd_DID
Value: 8110f159-3ce4-4e28-b990-b4369e99ea0a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

5 Console Messages

Source Level URL
Text
javascript error URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Message:
Access to XMLHttpRequest at 'https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539358' from origin 'https://www.threatminer.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539358
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.threatminer.org/domain.php?q=ip.acc.sogou.com
Message:
Access to XMLHttpRequest at 'https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539368' from origin 'https://www.threatminer.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=5993718&source_url=https%3A%2F%2Fwww.threatminer.org%2Fdomain.php%3Fq%3Dip.acc.sogou.com&organization_id=4448595&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=threatminer&referrer_url=https%3A%2F%2Fwww.threatminer.org%2F&canonical_url&q=ip.acc.sogou.com&1647548539368
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.bnmla.com/usersync?dspid=1&uuid=tMBCGMuFEACK&ev=1&us_privacy=${us_privacy}&pid=558752
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
abs.twimg.com
ad.360yield.com
ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
c.disquscdn.com
cat.nl.eu.criteo.com
cdn.syndication.twimg.com
cdn.taboola.com
cds.taboola.com
clients1.google.com
cm.g.doubleclick.net
cse.google.com
csm.eu.criteo.net
de.tynt.com
disqus.com
dsp.adkernel.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
i.creativecommons.org
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
licensebuttons.net
match.adsrvr.org
match.bnmla.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pips.taboola.com
pix.eu.criteo.net
pixel.advertising.com
pixel.tapad.com
platform.twitter.com
referrer.disqus.com
reporting.services.disqus.com
resources.infolinks.com
router.infolinks.com
rt3024.infolinks.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.cpx.to
sb.scorecardresearch.com
secure-gl.imrworldwide.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tempest.services.disqus.com
thmirt.robtex.com
threatminer.disqus.com
ton.twimg.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ums.acuityplatform.com
ups.analytics.yahoo.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.threatminer.org
disqus.com
images.taboola.com
reporting.services.disqus.com
sync.inmobi.com
104.244.42.8
104.90.181.210
13.32.99.23
141.226.224.32
142.250.181.226
142.250.186.130
151.101.193.44
151.101.64.134
154.59.122.79
172.66.41.9
174.137.133.49
178.162.133.149
178.250.2.135
178.250.2.148
178.250.2.150
18.185.44.17
185.64.190.80
192.82.242.208
193.0.160.128
198.148.27.140
198.47.127.20
199.232.192.134
199.232.196.134
199.232.196.64
2001:678:cb4:bbbb::11
209.54.177.54
213.19.147.44
216.52.2.39
2600:9000:2156:d800:6:8656:f5c0:93a1
2600:9000:225a:7400:1e:a43d:b640:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:9710
2606:4700:20::681a:5d6
2606:4700:20::681a:672
2606:4700:20::681a:feb
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400e:810::2002
2a00:1450:400e:810::200e
2a00:1450:400e:811::200a
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::2
2a02:2638::3
2a04:4e42:400::300
34.250.1.173
34.255.218.80
35.227.248.159
35.244.159.8
35.71.131.137
37.252.173.27
38.27.122.158
50.17.222.208
51.89.9.253
54.153.103.110
64.202.112.127
67.202.105.24
67.202.105.33
023532e7417dded0bfb0b9ad813c48bff31bd42373525e0eb24396d5e84c311f
058b7f33a61ef0de50995d1e74f6d171f0923c3305824a47bf588c6c4cf2fd8a
05c1b47cbc0bd73b54d4ba9d4782c7038fad368d90a133c30144ca90cdacea08
05f8a853b24b8f63be958490ca3df93c07e949cc017849d55aa70660d501eae3
0684503231b8f925a2059184197b1a447f90392494b96b2b02d6c07cc89f62a1
069d7a7c226fdef601e182e031dcfb8ab175516f08f4f57ca7994d2b5f832e17
06a9d6e3450dcfb31f019e9f27dc4e9a84a51f65129a6cb79aabaa73f2964aaf
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0df35dc4906a0b5425ab3e2dd3e7b4aee3c01734f8966c3f38aade193df6bbca
0ec2b0b4c13e431046ac9342f7b2b974e2b9fb23cc6828d557a8c0a7d4da20ba
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
106f36a58408c097b1febcc9f0fe8fdf3dc79fb29b120f06e2172dcc1ac0c921
13da23e323658067823edcbc9f6033522a57cbe4325eb72470ab93f6c77f5c38
14ad8a76fbc518f57f46d4f8d37c962ebc8776428773f9d613ee527fab472c17
14e473d33a4e7081a5acf2c02eb8b8d2800dd827f333b96ab40120a5816420bc
1563b4b7778cd83abd36fe33c751c32d18533abb40905f99aca22f64a70df50c
164c27d4eda016f39091f2d7b7ec30062e06597f874bb7a2a702b71f01d1dae3
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18f50752d3665f518947dbb033aeb83022d915c0625810db4d78c1e4cad76a77
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
1de1b94f2eb27f99f30e3a3afdfc9db5333cca95520d2342b73ee5db60fd8bae
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
2161e1f1a09607774b072e2dbaf494f1268d29cef775541542bf9d42b1e67919
219bae97d4f16ea48ffb78a363182c5ea2a3937488b03fb74a89b60d0e80aa50
2233b5245323b0dd4fc358cfa901b52db32efbe201043b4e7ac5e5455e237ba2
22841fbfbd90b3664e6a10924d684e69f3abc6567acac5fac9d83e89b1ff65ab
2530adbc58d971474448b98ddb000140482318b1e9b0a9e477bcf8945b774b49
268dfb1131e147b12fe728c27f9e8186fa739a25a9ab7d70946d9e8d1d5b597a
26b455d05301acda19c24cf35fa5aec0945bf50244421d00678502a785d33393
27078706c3d7dce41daba975d93a3956ebe09ce8035eed3c3ea0c3d83844b91d
28350b1ee2c38c7a5eb134d520dedd01ab578d81c2ebe814e63e5d212c6ab1f1
28dd16c670efe7d607a46f8232d78b0c8470d2b9395042a6cd18254f6fcc4199
2a37c46bd603e9a0f81f59395f9e50c1318510b0b23c0ccee5f223bc45426f4b
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c41ab562019affd9695b46d5d578f89084f57a52d49b1dc615eaee4c712334d
2ebd9aa9494786b937d613ea1275db6a3037711ffd26df6ce7bc4d310d2e5cf5
2f27f0a2ebcd6e8cb2b682750bcf5d073b033dbcecbca0b8431176609d889da2
31844a6a9bdbed5ea86ca5f91a6837fdf9fad712f9f163a98d2f053b6727efcc
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
35698eef2eae473ffa56ca2cdc91bd7715c0e1d3ddeabebeb6a261b626a82312
36e85c0bdb3b49928c61a8f5293aa809265d6c434596cac469973f04c6ba6a47
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b932f974f5a3531df146c536ff8fac7d8d76c2c4256f5877ce6c2a0d126186
38fae82219b536c5750f7d9df69c2fe43bcc231b0d2ae3444704e095108f0c46
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b
3be77b5d96e69629ec17a791decb1408cd9638d7f07b635b67d1bd009c4d4991
3d02c41e04bcf3ea222a276e22b80a72b1c4049c73787daf04cc3c9eac4a9cdc
3d56f2bc68d9d190a05df1dc24bd2653eaff3c20660fa4e8b4fda71ebd8ada64
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
409eb4ef2adc01fba3fdd832fb60ba61aa321afc458e87cb97d62aded47f59e2
416bc73dbcb17fc757737c91e3d8211b11078dc48293ef79bc71d2eab2641620
4213007144c37c15898f6529d459f5ad73a6f9c8edb5cb2ad92a8323e722fc9e
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
43e0665e9c7adf39a3e9f9f74d045ce68b0df805abf892beae3c34f84e184b38
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
4614779c5982b7cb716f9fc95aa3df60e2d14e5446ff73d29bf9c9ce20ba0e8a
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4a2266339c6f702080a356cb4823f95f42dfb25eb49dc3b5f6d56711761379a6
4aa2af89ff604c533bf7fa3cbf966d13fcafb1a91504aa8fb15b6c3eba16ae2c
4dac0b828b21f4627c577dfca268046e050a2bb8bfc720184e1acbebca2b7359
4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e76994cdf238bb46382a21798ab6ddc56d9b81036aeff185ec5abd05b022534
5088414f9c14d5edb1807485a06097481409917ea4d1415edef8bdfbfbb3053d
50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d
512bb60b9981033c3ec382f732587c32daed1f292a67405c3d1f3ccf13312d2e
51589a34af2909c1f9656815b92dca57e27faa69c4dd3a00c613fd0df59b0754
517565667bad60c17e3ba0452d6107d29e52e762cbf079171b8e92fde7ae5ed3
546e1c2bff422ccefe6c8fb39cedd6a279dd8790a0a01343492e93ece15c695e
558e624c6b2b348a585985d9204bf4c76539d9b66a40f9fb0c6c23d341f5468b
5a7b3090bd9f8835e6add21f9c4e519a19af8fcedb40d3e9488d0e5e23a2fe36
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d7db98c88c66d2c68c789724917b40abb8abd726eadc43fdc2ecb484b4c3d21
5e5f0023ff8c856e2b49c920083d43fc49ed56de5501a4bc5a2b86afbd1cde55
5f82d10b244c0811546fce6bc98e767655bceee2b7f41c6b41aef2e630a1ace8
605eefd6f113ffc50e197d237861a4fbfefc52a781370ed5ad047e2e32632091
60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273
6166ab45c9bd0aea7b8a250968d9274a213adeac336dc687b8d3263c9b5ab809
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
628c4ca6a2e9b9d5537bcb63c21f00a08db72948fadf002274908eac0c839f37
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67acfffbed97ad10202f3984f746a848e97dea4989eb820845a98028797c052f
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68431248a86c06eb2ba054640f82dc9ce6ce49dc51e69b93953e6e495d2eac75
6932c36e60e2d933e97f80d85fda7ad93734466fc4147936af9c7275c2ecb964
697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4
69d3945a8d076a254a46eacaee06ae6cf7db0306c8727fd7c451f23c3a2b26ce
6d6eddcecb4bbafa0f7ab8725eec96c2ea10d00c5633077d997b013819a7c150
6e0a3942f9b558837e55277eb4079684a5a275fd7a24a48ba5efcae25a33f48c
6ebf6e3119f960929b7dfc03c768bc514a80964aaaec1f73fee86c64eb1b6c71
70b472effea64db0364e2b35128780d85809cbc3db371da775b30ebf39f36942
70f157c3fb7e1d05c83d4f8f269d9c6b67203e37863329eefc5202b97af308cc
763f6f1b3e047442f5350193cd50b2ce3e2f70f75b1d7f3c872e594c19380ae1
78658a51bd5cce032f3b2d69d371363442efc496766b88993f578b9e514da6f8
7972bb5fed2e53f0b4f856eff2caa7f838d4ae4ae45f5c0b05acb596106e62e3
79d13a711332e8ab5638c5d8ab17b4fd28b4c27a6e110e6de0e53a765863a28b
7be5f63793eef79dfde6edc1d8e29918e831ac49766cdc8f03960efd1550fa74
7c6b011a23469d32abd42a2e44769f5ec9659aa09d6b3489ec35f2a8d6e8f452
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80d626edf52f23fc063b973fb3111d98580d855f37559188e2663313e9096eb6
829c250d2c4ed10fb79edd2d5f5012599c530f96b0f3a930b458e78b6723f413
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
83d9adcc73cef40732463f1c6ab33ce335c7beee66ce9bb5764780589855fa4b
86c2468dff7ca5fad3ea942f4e1cfc98fb7a59bec121133725944bef4e81662e
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
8707f99ef38099b16c6a88670622fec80bc7cdc84e221589ccad804df715320b
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
890aa3057adef62a4db2c9a099ce0bc755abbf39c849d71d08701466bffb17a5
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c
8d4162059d6cd7b0466a9ce82a9291edf80f6b6f917b3c16d609189642d0f577
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e68f00a9da4c1a595c5a1ae865ef53156d34239deabf20ec018734bcbbc637e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
91b4ac439a88193b25a302f46fc9a2b0c5455ca4b1f30b7406a541fbc6201200
91ccad943b75171869dacbe5c42de58887b92a1d9fbc567651ade87e7193984d
93117c9749f75b309c1f4614c4bc15a612480d393aaf2f5d6647ba5098ea79fd
934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799
93f393a2b1de6e84b23b0eb105987bd779b48e788c48b7a91db7becf6e237218
97514ae8b9755cc2ff6a49206c643dfcbab5ccbb94a22a192bedf2b884e1e417
977b0f8ae798c42cd16e6753f86b00e39e77355b56ffffa535293e08bce4b246
98661a1702a0761f9029a99c5a4eb769ecf67b178194cf7ea53440b0a2f7d10f
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df
993c8a53d1040a237c948ec523eff3228e955b1b5b8cb9d681275db84e4ff9fd
999a740fc678f340320d75cf6083acc26c1d005b81d6819cc3af4598b328d503
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1aca09ecba6cc08b977ccc20f2d105095aa5ce740479721bb2de04959607fe8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a57d41331f8198228de9a87cbd9f10ec69b093cd5e1a33c7e0b99a26bf53c71b
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7dcd35efcb5bf6fb34c1bba60eb620b0512abf4adc40c32e1637b603c370ed1
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b
a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
abd88df9325b4176f0f9a715dc327522eec4b7f6d10b586fb95c08f3a36aa514
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b59df9ea81774e47b6c3a10cda87bdd6a84236056dc674a68149f6bcb945c4
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b2c1fd2de38fb5018ebbfa1f6c786934eb02163a880aa99175757dfb43a23400
bb35c990687adce309473f322847f1ed00df5d747b878d1c1fb17ed08bb4c6d2
bb6fe6ea51772638f8c2a04593fa4ee92717aa3d899c2def04b8509c50975e3a
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bdb581fa06f3f03a95aabe175a9d30c381faaf15cc34c35a0ff4c5cc13c45f48
bea003cfb20cb7a02f3d991a04b53d78142076475ec00f981d55147421a7f753
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c17a7e8fe6d4f33b2b7fa71591f53652bdf8b4050c8690b6bd9d6cfccc1615c1
c1cb0391a7350246e78b832768ac97c5c45b7375a8d6d03f9f72c90ce3e6b45c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0
c43a2158bf0871af3ef7eb75193622f7a7ca5094f7442492076efc932385ae93
c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7a3356bbfa6bcd2ce4d0d21542f2cc2a7ff5a7fb2624ed8fd9982479d9db1e6
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1
c7de9bb00906bb0a8f142d28228417b097cef7eeb84456bdd531f5e9a7ec454c
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cec65ee7ed23f5724798c193f8570661a789c210836ee2c8cb7dd16aacbcee18
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f
d01bc02c49e71e9703a7dff06bceff534948649edc22a40d742c510a4dd24a6e
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d98cbae27516de590fffa26b6d3c6a4cda56092313c4e00848b34759ed5a9a8a
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dcfc71befcb3837ba46791d046bcede913a5df4fe1e9ae086eff502b1b1fdf73
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6be931bf378ce9f5189085025e8fafa2af4b97d9a5a6302f38580eb3018237b
e6f01f39a18148c0becb659547ac85f12fa2421747cc6ce0deee265a68886b25
e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e8674372b3d629c4eb40e69746fad5cf5c7f60b258ba101b7bc29c1a95f8bdc7
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
e9471e9177ce537f29c9c30140634c74d742c946227c4879715999bdb4062526
e99d0a2e069744b51b3e8736ffe353b0fea9beb788db283272a8fae5a5eb6f06
e9e6d43114b4187eb4c0f6550554d9b422eaad45083e345d1fa7b82dd6afcd24
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000
ed69c80626dd979265437b824a8b0890becd990c7fce41a2b00167c985603cca
ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e
edce17cae96873e2cf08323e45f8316b500e4596563b8c69b63e162250038e91
edde818ca482b250fccc4de7d39fdcb1ef84160168fbb746861b18510b7d06a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f12fb1782d155950b8d171ad1c7284fa17537a6e59874a1588208e1dd3578e24
f1a5c62afaf2fe49a1885b10bc57bd0b1b14a59d9939bc0c4f9c8f4bad6ab6ef
f3343f4dfc9f0746319b18274db4d1fe7ac4c17102b98ad20c901e2d97491883
f4256129f0f6f5ce7591cdd0fba3d4bd50b4a22000e4241b91df545a3ca832de
f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6940807517bf847d57693f5a8b6ded4ea1af361577ea7588fc3b4a16f642718
f6a8ee66594aca8034752c88745d4ab5c134408b2e0413e05477c176b111d0d5
f7ca0c97f439b00b185eb7d8ea5a9000e8b10d70d52c861737aca278c81cbb47
f919207358c1fe8c8de70517a8b312285a2dd3b1ef7132c0002f1a73a0ebd41a
f9adb85568e820d965276429e8f778f6ba223fd160884be9ffd19929f112fee9
fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705
fd5a9373ac8af62cd4e0cf06713c0f002c074f5c92c1f5198262e710b3cf051c
ffe389096d941ff15747566b452237dac4e95277fea7273ba67d74f93c74e93d