urlscan.io logo urlscan.io
SecurityTrails logo

mcgrp.ru Open in urlscan Pro
2606:4700:20::ac43:47c7  Public Scan

Go To Rescan Add Verdict Report
URL: https://mcgrp.ru/files/viewer/483184/8
Submission: On February 12 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 8 countries across 29 domains to perform 188 HTTP transactions. The main IP is 2606:4700:20::ac43:47c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is mcgrp.ru.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.
This is the only time mcgrp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 41 2606:4700:20:... 13335 (CLOUDFLAR...)
1 109.235.165.222 43247 (YOOMONEY-AS)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8:a::a 13238 (YANDEX)
1 23.111.96.36 39134 (UNITEDNET)
5 14 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8::16b 13238 (YANDEX)
9 2a02:6b8:20::215 13238 (YANDEX)
8 2a00:1450:400... 15169 (GOOGLE)
2 95.217.244.119 24940 (HETZNER-AS)
2 2a02:6b8::194 13238 (YANDEX)
1 188.42.34.64 7979 (SERVERS-COM)
1 193.3.184.211 50214 (QWARTA)
1 2 138.201.34.239 24940 (HETZNER-AS)
1 2a00:1148:db0... 47764 (VK-AS)
1 95.163.43.46 47764 (VK-AS)
1 23.111.119.60 39134 (UNITEDNET)
1 2a02:2d8:0:10... 9002 (RETN-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:3::12 44788 (ASN-CRITE...)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
24 2a02:2638:3::3 44788 (ASN-CRITE...)
3 178.250.1.6 44788 (ASN-CRITE...)
3 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a02:2638:3::10 44788 (ASN-CRITE...)
5 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:6b8::2:242 13238 (YANDEX)
188 39
41    2606:4700:20::ac43:47c7 (United States)

ASN13335 (CLOUDFLARENET, US)
mcgrp.ru
1    109.235.165.222 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: ip-109-235-165-222.yoomoney.ru
yoomoney.ru
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
1    23.111.96.36 (Russian Federation)

ASN39134 (UNITEDNET, RU)
content.adriver.ru
14    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
mc.webvisor.org
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:6b8::16b (Russian Federation)

ASN13238 (YANDEX, RU)
matchid.adfox.yandex.ru
9    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    95.217.244.119 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: mail.mcgrp.ru
ws.mcgrp.ru
2    2a02:6b8::194 (Russian Federation)

ASN13238 (YANDEX, RU)
translate.yandex.net
1    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    193.3.184.211 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
2    138.201.34.239 (Papenburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.34.201.138.clients.your-server.de
exchange.buzzoola.com
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
ad.mail.ru
1    95.163.43.46 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: relap.io
relap.io
1    23.111.119.60 (Russian Federation)

ASN39134 (UNITEDNET, RU)
pbs.alfasense.com
1    2a02:2d8:0:1025::20 (United Kingdom)

ASN9002 (RETN-AS, GB)
mediatoday.ru
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
10    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
lh3.googleusercontent.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
24    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
3    2600:9000:225b:5a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
5    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:6b8::2:242 (Russian Federation)

ASN13238 (YANDEX, RU)
ya.ru
Apex Domain
Subdomains		 Transfer
45 criteo.net
static.criteo.net — Cisco Umbrella Rank: 667
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9305
csm.eu.criteo.net — Cisco Umbrella Rank: 8856
280 KB
43 mcgrp.ru
mcgrp.ru
ws.mcgrp.ru
579 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
521 KB
12 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2082
mc.yandex.ru — Cisco Umbrella Rank: 4118
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 32007
207 KB
9 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8767
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14614
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14835
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10356
168 KB
9 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6748
271 KB
9 google.com
accounts.google.com — Cisco Umbrella Rank: 23
apis.google.com — Cisco Umbrella Rank: 115
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649
www.google.com — Cisco Umbrella Rank: 2
223 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
50 KB
4 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8796
3 KB
3 gstatic.com
fonts.gstatic.com
220 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
14 KB
3 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2038
2 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 27827
886 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20893
987 B
2 yandex.net
translate.yandex.net — Cisco Umbrella Rank: 28062
57 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
162 KB
1 ya.ru
ya.ru — Cisco Umbrella Rank: 21941
1 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2173
249 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
88 KB
1 mediatoday.ru
mediatoday.ru — Cisco Umbrella Rank: 81956
444 B
1 alfasense.com
pbs.alfasense.com — Cisco Umbrella Rank: 96554
870 B
1 relap.io
relap.io — Cisco Umbrella Rank: 52574
982 B
1 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 11918
331 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 27367
573 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1918
890 B
1 adriver.ru
content.adriver.ru — Cisco Umbrella Rank: 34191
pb.adriver.ru Failed
ev.adriver.ru Failed
15 KB
1 yoomoney.ru
yoomoney.ru — Cisco Umbrella Rank: 212110
8 KB
188 29
Domain Requested by
41 mcgrp.ru 2 redirects mcgrp.ru
24 static.criteo.net ads.eu.criteo.com
16 imageproxy.eu.criteo.net ads.eu.criteo.com
15 pagead2.googlesyndication.com mcgrp.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 yastatic.net yandex.ru
translate.yandex.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 mc.yandex.ru 3 redirects yoomoney.ru
cdn.jsdelivr.net
5 csm.eu.criteo.net ads.eu.criteo.com
4 mc.yandex.com 1 redirects yoomoney.ru
mc.yandex.ru
4 accounts.google.com mcgrp.ru
accounts.google.com
3 fonts.gstatic.com
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 secure-gl.imrworldwide.com ads.eu.criteo.com
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com googleads.g.doubleclick.net
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
2 mc.webvisor.org 1 redirects
2 exchange.buzzoola.com 1 redirects
2 translate.yandex.net mcgrp.ru
translate.yandex.net
2 ws.mcgrp.ru mcgrp.ru
2 matchid.adfox.yandex.ru yandex.ru
2 www.googletagmanager.com mcgrp.ru
www.googletagmanager.com
2 yandex.ru mcgrp.ru
1 ya.ru yastatic.net
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.jsdelivr.net mcgrp.ru
1 mediatoday.ru yandex.ru
1 pbs.alfasense.com yandex.ru
1 relap.io yandex.ru
1 ad.mail.ru yandex.ru
1 ssp-rtb.sape.ru yandex.ru
1 ads.betweendigital.com yandex.ru
1 content.adriver.ru mcgrp.ru
1 apis.google.com mcgrp.ru
1 yoomoney.ru mcgrp.ru
0 ev.adriver.ru Failed content.adriver.ru
0 pb.adriver.ru Failed yandex.ru
188 43

This site contains links to these domains. Also see Links.

Domain
translate.yandex.ru
vk.com
Subject Issuer Validity Valid
mcgrp.ru
GTS CA 1P5		 2024-01-31 -
2024-04-30		 3 months crt.sh
*.yoomoney.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-09-07 -
2024-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-10-26 -
2024-04-24		 6 months crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-07 -
2024-04-07		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2023-11-11 -
2024-05-05		 6 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-13 -
2024-06-11		 6 months crt.sh
translate.yandex.net
GlobalSign RSA OV SSL CA 2018		 2023-11-29 -
2024-05-04		 5 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-07 -
2025-02-12		 a year crt.sh
*.sape.ru
R3		 2024-02-10 -
2024-05-10		 3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2023-10-06 -
2024-11-06		 a year crt.sh
*.relap.io
GlobalSign RSA OV SSL CA 2018		 2023-09-04 -
2024-10-05		 a year crt.sh
*.alfasense.com
AlphaSSL CA - SHA256 - G4		 2023-12-27 -
2025-01-27		 a year crt.sh
mediatoday.ru
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-06 -
2024-05-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-10 -
2024-05-05		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-01-02 -
2025-02-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://mcgrp.ru/files/viewer/483184/8
Frame ID: A4625B931556B2A00C8BF5E4515B68D4
Requests: 92 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/fundraise/button?billNumber=rtyVfgHoIkw.230121&
Frame ID: B3DD5BB387A9532969BC09F507DDEAF9
Requests: 4 HTTP requests in this frame

Frame: https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 2D232DAD37E9C318F7AB3ECC9DED3704
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 231E27C4BA7B1306E2F9C594F9652B74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&adk=1812271804&adf=3025194257&lmt=1707743813&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l&format=0x0&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813294&bpp=3&bdt=672&idt=207&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3827437176928&frm=20&pv=2&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: D6B5510B03250B33EC206386BF77BBCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Frame ID: 6A8E60346675B6DD36B2007A9D7F92D5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Frame ID: 5064F1A833663A0DDFE5CC3359510014
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Frame ID: 9386C637383AC975BAD4DBED6BBBE71B
Requests: 7 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 9EE53C832279394A553BD81ACC05BE80
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: D6CF330D50BBC4D17CBFD346BD90C3FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AFE86A9527D59020A24E0EFB545D16E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5C8DEB0F9B16DD516D39697D357B333
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Frame ID: EC52673AAD7EDB99C99A8F73F04BC853
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Frame ID: CA5E4A2E4960B36CE41037E0D8051A51
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Frame ID: 7D5409C9D8805CBA0560FCFD420450D1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Овен БУСТ2 Инструкция по эксплуатации онлайн [8/43] 402020

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • apis\.google\.com/js/platform\.js
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

188
Requests

95 %
HTTPS

76 %
IPv6

29
Domains

43
Subdomains

39
IPs

8
Countries

2882 kB
Transfer

7570 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Request Chain 24
  • https://mc.yandex.com/watch/11859880?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1422500644833%3Ahid%3A717381815%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743813%3Ac%3A1%3Arn%3A985762560%3Arqn%3A1%3Au%3A1707743813475525359%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C89%2C133%2C1%2C0%2C0%2C%2C7%2C0%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743812661%3Arqnl%3A1%3Ast%3A1707743813%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1422500644833%3Ahid%3A717381815%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743813%3Ac%3A1%3Arn%3A985762560%3Arqn%3A1%3Au%3A1707743813475525359%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C89%2C133%2C1%2C0%2C0%2C%2C7%2C0%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743812661%3Arqnl%3A1%3Ast%3A1707743813%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29&redirnss=1
Request Chain 39
  • https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Request Chain 52
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 83
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A2%3Adp%3A0%3Als%3A1490418252867%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A125976820%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Ast%3A1707743814&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A2%3Adp%3A0%3Als%3A1490418252867%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A125976820%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Ast%3A1707743814&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Request Chain 87
  • https://mc.yandex.ru/watch/19757632?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1622895434449%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A11832499%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Arqnl%3A1%3Ast%3A1707743814%3At%3A%D0%9E%D0%B2%D0%B5%D0%BD%20%D0%91%D0%A3%D0%A1%D0%A22%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%8D%D0%BA%D1%81%D0%BF%D0%BB%D1%83%D0%B0%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%5B8%2F43%5D%20402020&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/19757632/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1622895434449%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A11832499%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Arqnl%3A1%3Ast%3A1707743814%3At%3A%D0%9E%D0%B2%D0%B5%D0%BD%20%D0%91%D0%A3%D0%A1%D0%A22%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%8D%D0%BA%D1%81%D0%BF%D0%BB%D1%83%D0%B0%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%5B8%2F43%5D%20402020&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Request Chain 95
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10277.U2zlbwvxM82AE6cU38dkQ8UHxXhEn53GZB2OeuTyA-pZP6Dm-u8IXF-bm5nuu1BH.owR4u3qUoY1ZX63Sw3EwwtKiPew%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10277.DcPhLHNcOZqdV73qsuvUfohpJCZiRUapBnmGgmcFLl6QbkWvOsMHiSm5OAnnJgrQKhhJFUdz08F6RH-eUQxEE5Jum9TyEyx0hRJvbwV1IKSqJ3nFQEQLMyNTLnY2fIpgg6X1og9bJuONWJ777E1O7rxeUKkXopLtdlOM8444DJN36I-eCWnsP1an6Bb6eJjXUxtzDzgLuCOFjMUZ2I8Ubev7aj2Kwiy7MwO06aw3X2g%2C.B7u_SJe_pRHVWPEQct3gx8RMHuc%2C

188 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8
mcgrp.ru/files/viewer/483184/ 		118 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3bf9c44025b720ba797024dc09741954a4b2ee69121fb8e884cc2b12f895ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
85451bcb4dd33731-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Feb 2024 13:16:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJpt10I5euIsCMhsbITkdj5gBAGvNirPywCN3%2BTm5FvEpwRK3Io6Ckmu5AH%2FIMoPdpG71OwzkYuuUGgdRTX8NZKbm5NA4kVHxgN8t%2BxwoPaVpYBCh5ctEittc8uqHS5u2zDI0XTb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-proxy-cache
MISS
app.css
mcgrp.ru/css/ 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7c882ddf3c6e95cfcdf60802160f9f6934e5d9e2a73fc7ee4701fd1393b4f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622828
cf-bgj
minify
last-modified
Wed, 01 Nov 2023 05:11:01 GMT
server
cloudflare
etag
W/"6541dde5-12eef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN3PRkU50tXAQHx1U2h2wRf94i76ucahKPj2%2BCKu9QHDq317VDyOIR%2B5Y%2FGUszNZRfAAcKwAu5%2Bo3UA%2FDg5zTLqvIALb%2BFmn%2F8V9qeSKK%2BgzPh3cDYYupKGysexiXiao1RFGJStv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bccefc93731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
viewer.css
mcgrp.ru/css/ 		2 KB
950 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/css/viewer.css?id=18980404118149ef78c558ee6f1398a9
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b41ec88763865a0363a4b8610b98ea6e1ecbcfff2013e3f6606ae13edbf2946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622828
cf-polished
origSize=1872
cf-bgj
minify
last-modified
Thu, 26 Jan 2023 15:28:34 GMT
server
cloudflare
etag
W/"63d29c22-750"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXE8PWMeFeBm1AFRAbsMj0T1Kg7pXA7T5JUxoT%2BBpx37%2Bf9G6HF8CTIvSS5yqfmyWXJVe0isABaeQM%2B%2FxrCSVU1xKaNHLE5Z0xOdNX6hNwCkaPYVvs%2BrPDWs7lT0gas3xBeThwF8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bccefcd3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Feb 2024 16:52:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c3b54b-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJdnIwa4hpANm8%2Bwx400L9lKveK5FztLXDawfvL6TkYHs%2FLg%2BZfflXn6JCS3HK4Ow2OctAJHIjKx%2FYDqCXOOpZL5oA5vP7lJ3g5IB20IorIoHbA2gZD4AgSKqCrkm3ONfs%2FmKgEY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85451bccefd03731-FRA
expires
Wed, 14 Feb 2024 13:16:52 GMT
button
yoomoney.ru/quickpay/fundraise/ Frame B3DD 		42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yoomoney.ru/quickpay/fundraise/button?billNumber=rtyVfgHoIkw.230121&
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
ip-109-235-165-222.yoomoney.ru
Software
nginx /
Resource Hash
160ee3f3009daf2d30f1e101ae9522355a25c6a5f7e63e5875f96e2f2e80f004
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
content-encoding
gzip
content-security-policy-report-only
script-src 'unsafe-eval' 'unsafe-inline' https: 'nonce-4w4hOfwFx5W19H/gEvKkSA==' 'strict-dynamic' 'report-sample';object-src 'none';base-uri 'none';report-uri /transfer/platform/report-csp;
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 13:16:52 GMT
etag
W/"a795-/txRUqKvT0qBpfd82xG9ujqIbbM"
expect-ct
max-age=0
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains max-age=15768000
vary
Accept-Encoding Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-robots-tag
noindex
x-xss-protection
0
Manrope-Medium.woff2
mcgrp.ru/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/fonts/Manrope-Medium.woff2
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7bdddff28df3aff62d8de722d3ad82c61853c52c68a174c2246275c4f88d44

Request headers

Referer
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622827
content-length
30416
last-modified
Sun, 22 Jan 2023 13:59:52 GMT
server
cloudflare
etag
"63cd4158-76d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQtzD8JMh3Y9cb7zbacjQbCqG1WPjZDHO9F78P5c4z6kwbtY6paD4hDgym6hFrGBa6T8gcyLYJCwf7C%2By6dAL5nJqd20dhNCtDq8sD6F%2FeZ%2FYeP0OOTlKdkhH%2FNvW8GlkWCsXRqk"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bcd482b3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Manrope-Regular.woff2
mcgrp.ru/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/fonts/Manrope-Regular.woff2
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec35503ffa56830497229a0a0c1b04b8bf6dc155a17f26c34f92e18b05cb76b

Request headers

Referer
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622827
content-length
30812
last-modified
Sun, 22 Jan 2023 13:59:52 GMT
server
cloudflare
etag
"63cd4158-785c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcjBs0YFc1aA0%2BQoX4%2BbI8maGlSaFKfeAm%2BJ3nX6Teky6RA20WDTKcCYMxJM1jRPZDTycFF42%2F2VhrgqkGQcPI5HfZxNfSbA%2F6eY0b7UlSGwyKe%2FVbJOtZAa2Kc2csINJMrPW041"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bcd482d3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Manrope-SemiBold.woff2
mcgrp.ru/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/fonts/Manrope-SemiBold.woff2
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fceda37b763feeea6a5fa6eec161825a5ddae333d4760d973bf824d159e713

Request headers

Referer
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622827
content-length
30952
last-modified
Sun, 22 Jan 2023 13:59:52 GMT
server
cloudflare
etag
"63cd4158-78e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6k1RNZB9dYfRH0ekacP0D%2FkPpqM0IP%2Fo%2FzLh8t3hU4d2gPAF5QW%2BpPqUeRsl1QijkjaKuzVRNFIqNvx3wI6bbBAwElWiKv6K1Jwm5mc%2BQ8rRt2P54xYxvZOQAlD9Yvxzm6hICUX"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bcd482f3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
f2.woff
mcgrp.ru/views2/1483184/page8/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/views2/1483184/page8/f2.woff
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9db72d92dd5dad0d12825f37bfeef16d23cc747a0ba5717494b2bdf10d9c54

Request headers

Referer
https://mcgrp.ru/files/viewer/483184/8
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jul 2019 15:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d25fdd3-67c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Utt2uV8vlXFI8SN%2Fx7%2FKCkehKNURrZC9PafwmB5SOMvPYAifiaIFf5z2Cq2BjaILY7%2Fn3uWmNK60ZQKX7PjUpt6dJdVK%2BFw7o5upoGBdc3pKJmb84KJb23p93ibYJ%2FZwBmXtgUry"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bcd48303731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
f3.woff
mcgrp.ru/views2/1483184/page8/ 		27 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/views2/1483184/page8/f3.woff
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7d53d872de0e886f04ce437cdebac6a0642297d863b8e1e296fc379a362d53

Request headers

Referer
https://mcgrp.ru/files/viewer/483184/8
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jul 2019 15:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d25fdd3-6de8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzd5bTvJ6Z6Pzojh6WtWaEl4RkQJVLdj1FspBBq2KSDnjbmOVwKV4cDesdndtXHq6Rs5XiUCDquPY38FBPyN5aeJMzzFjHHHtJBw0Vz0bc7%2FcsPGSkeY%2FTzqpcLVUJ9i5bxfm0bU"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bcd48313731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
f1.woff
mcgrp.ru/views2/1483184/page8/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/views2/1483184/page8/f1.woff
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7aec10442e679e4a9a51781b77226c6aa02f3dbf05a1f378db1e18a87e3a2cd

Request headers

Referer
https://mcgrp.ru/files/viewer/483184/8
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jul 2019 15:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d25fdd3-6878"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCG65WLIXbct2kkpGMoz9sMN9rVv2j7rqURnSk922kSWbzwqVvlgV0DjALS98fpe2Q9opq3XE6HIAHbacM%2FVikMj8d%2BW2ethaIASOBJ1iT2mcB%2BMApWuWBeSLWezHFRFS%2BtmSKJv"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bcd48333731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
f4.woff
mcgrp.ru/views2/1483184/page8/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/views2/1483184/page8/f4.woff
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef0f7bfd62d1f8241ad9cf5eba3c5a8cb32722ba5b60d646452528fb8f62584

Request headers

Referer
https://mcgrp.ru/files/viewer/483184/8
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jul 2019 15:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d25fdd3-1270"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK45JPsxmxYrTEDkvEVguW8%2FOnXkrF3NiKx%2FyxoImuDqcxCVoD3SQaepp7vX8gca4tocnyeUrmgqOfGlS2h9Iz%2Fpr93%2FFEroI1SbWBhYMa69o6qmSQZChwvvCw059WuWElAB%2FqBH"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bcd48353731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Manrope-Bold.woff2
mcgrp.ru/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/fonts/Manrope-Bold.woff2
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eb0b80f02c59b0d87b0bb25256693504acf4c550b5c9091e986ac04b0e9125

Request headers

Referer
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622827
content-length
31136
last-modified
Sun, 22 Jan 2023 13:59:52 GMT
server
cloudflare
etag
"63cd4158-79a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oA3VSlRDylh4PCT1NpsyzH4xsuw9XFzydNXRE4EHvMFzX2whlfJIXHnF%2FgatqJ5ksFEAG90hcL4FbtczIVmOqMrRpiRfCY06Wu8wRNVzLQjqxzqWC0y5tj8XB7ap8DLLP6tMHoc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bcd48363731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pdf.webp
mcgrp.ru/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru/img/pdf.webp
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a352782a754b6fd30e829892cd4cbd882367943c983a44eab51ece7203bda0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622827
content-length
1102
last-modified
Sun, 08 Nov 2020 06:02:18 GMT
server
cloudflare
etag
"5fa789ea-44e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0k%2BjvR7vzEHqUrz5rnaeGyrta67093%2FaFfKkyX%2BcZP2zUGwQ3lZQtreK1Y5KciUkvfHueVhMoaNb3WtWIwXe6TIK2xXAvlNQoE38qXmiBXB%2FHTjwIb2MzMYI%2F4g%2BM98HJhhVdzN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bcd58483731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
viewer.js
mcgrp.ru/js/ 		764 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a410488869d3bf4acddc3f3baee9ddded9bd420d73f4b487dc38a81f1d55cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622826
cf-polished
origSize=782191
cf-bgj
minify
last-modified
Fri, 19 Jan 2024 19:25:49 GMT
server
cloudflare
etag
W/"65aaccbd-bef6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTzxsd%2BFZdw1wGxjGVJ%2BfLiSb9Q8ZR%2FLjggj38mOU%2F1ujP89NmCdHV5vA%2Bch1ZDyg3DOxI0k8bAB8E6%2BNpWz1dBTnCtIBSlp3G%2BdDhLNmd15JGVCNvx1rpdmqaiUQd9GIn99XIoI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bcd58553731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be70d4e975dad77deadb0aebb820a003dec95a75857347ec5483033055fa3efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51529
x-xss-protection
0
server
cafe
etag
16551111118433277451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 12 Feb 2024 13:16:52 GMT
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04b73f9c0e6a03495ed1a6e8c614df487ca6d7671f96ed1f512b2f3383fba7b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nrVPzxTKGyBzQtAMVLgAeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-nrVPzxTKGyBzQtAMVLgAeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 12 Feb 2024 13:16:52 GMT
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Feb 2024 13:16:52 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"744e1fa93653e48f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:16:52 GMT
context.js
yandex.ru/ads/system/ 		348 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2ef289d75a7aaf0ba111182a1a42aea4efe546ce27a7f949970d1afa4a1e987e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag
"5eb0ed05be925d39163a898608191b52-964119"
x-yandex-req-id
1707743812826772-12770264780213376547-balancer-l7leveler-kubr-yp-vla-25-BAL-5011
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 12 Feb 2024 14:16:52 GMT
header-bidding.js
yandex.ru/ads/system/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2cf93f506c6bc8136beedb769dd7459ba20d7487709a2bd3bcb75d8d3b2f15dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag
"55529d21a207b7829332493cab33d2b1-964004"
x-yandex-req-id
1707743812826379-10798551558554265632-balancer-l7leveler-kubr-yp-vla-25-BAL-1887
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 12 Feb 2024 14:16:52 GMT
AdRiverFPS.js
content.adriver.ru/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/AdRiverFPS.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.36 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
0c86343296ea51eaa90b3232df83d675cacb4df038f7397402ce9072f7282ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
last-modified
Fri, 09 Feb 2024 08:00:04 GMT
server
nginx
etag
"65c5db84-3a0e"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
14862
expires
Mon, 12 Feb 2024 14:16:52 GMT
main.js
mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 2D23
Redirect Chain
  • https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
695cf8fda4d090b298f03022d3d5d055bc77373206a29fde0671bf5f7936a1af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um198yUjVOZ2Vf47Z1VIpxNVMDjZaZKAhGWwxpAAMCgFexcMHsoEiQvAk%2B9OqYpnRjnZNOtMPWC4LPmBDMbPJlKewOHPapWqcW2WKisLLfGjLuhSN0BHPyDdoDl3wzrVZPaBXAmr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85451bcd887e3731-FRA

Redirect headers

date
Mon, 12 Feb 2024 13:16:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yd5emEjToOKr4XrbEluD6i6v0hIhsRAjY7oPdBItcaWV72cS%2BYU2ICUkyRtI8m1hULwHXqJdOkrA98Oo7OT77POajRvUr1ZYJY5WyuP7tujy1e%2FNR%2Fb0RDMwpx2%2B%2BJpaZd1hhor6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control
max-age=300, public
cf-ray
85451bcd68603731-FRA
85451bcb4dd33731
mcgrp.ru/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2D23 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/jsd/r/85451bcb4dd33731
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 13:16:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
85451bcdf8ed3731-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ACq4oP6zP6bQWFGHZ9WC5IMaArIuzxqtFydRQFjejAUSXuVBQ8AtQqp5hlCYzYWgkdmy1poF0%2FAwsL7HfP1%2FM6%2FyS4l78%2BR5HWIwKX9QFCYiq1116FYceLAseK1EU9qpZ2LdNGC"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
tag.js
mc.yandex.ru/metrika/ Frame B3DD 		204 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/fundraise/button?billNumber=rtyVfgHoIkw.230121&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1dcb72155edae8fec6f6fa0f8c6d6a5ae62f6c02f4cbe6cb10befe676409f6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Feb 2024 09:19:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65c49caf-11832"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71730
expires
Mon, 12 Feb 2024 14:16:53 GMT
advert.gif
mc.yandex.com/metrika/ Frame B3DD 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/fundraise/button?billNumber=rtyVfgHoIkw.230121&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Feb 2024 09:19:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65c49caf-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Feb 2024 14:16:53 GMT
1
mc.yandex.com/watch/11859880/ Frame B3DD
Redirect Chain
  • https://mc.yandex.com/watch/11859880?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf-8...
  • https://mc.yandex.com/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf...
458 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1422500644833%3Ahid%3A717381815%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743813%3Ac%3A1%3Arn%3A985762560%3Arqn%3A1%3Au%3A1707743813475525359%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C89%2C133%2C1%2C0%2C0%2C%2C7%2C0%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743812661%3Arqnl%3A1%3Ast%3A1707743813%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29&redirnss=1
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/fundraise/button?billNumber=rtyVfgHoIkw.230121&
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a05917ea755c907b34871da881d5db14a8d3c0d8020810cfdcb3cf14ba8f1a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yoomoney.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
458
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3DrtyVfgHoIkw.230121%26&page-ref=https%3A%2F%2Fmcgrp.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1422500644833%3Ahid%3A717381815%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743813%3Ac%3A1%3Arn%3A985762560%3Arqn%3A1%3Au%3A1707743813475525359%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C89%2C133%2C1%2C0%2C0%2C%2C7%2C0%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743812661%3Arqnl%3A1%3Ast%3A1707743813%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin
https://yoomoney.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT
gtm.js
www.googletagmanager.com/ 		229 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJ9C6X7
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f910c917fc1de961581592e7e1b3e13f93f8518e39b302c74130d0c58d225e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80189
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Feb 2024 13:16:53 GMT
header-bidding.js
mcgrp.ru/js/ 		28 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/js/header-bidding.js?ts=1707743813272
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7db7a463468bb62cebae898dee4f70250fb6811a927fd138a14e1da056ff89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Feb 2024 08:45:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c0a023-6e18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TJJZTyC%2BIVPxMbINmaqql8OMHO9dimNEk3nQdRxrjguHolVEkGZTKg%2BPXY3zXKlN42Rq2tu1emIm%2BVhDeh76f4hx7h%2BZ6BaxJnEk%2B49iGGi3HvqMQT45CD5OhTUHlKD9EwIhGvv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bd0fc093731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6d65a1998f0d1f33de164915de8f05819e371b65fb52f866b439cc36d6598a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51533
x-xss-protection
0
server
cafe
etag
8327258176497221911
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 12 Feb 2024 13:16:53 GMT
getcookie
matchid.adfox.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mcgrp.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://mcgrp.ru
content-length
0
date
Mon, 12 Feb 2024 13:16:53 GMT
timing-allow-origin
*
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ 		240 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a62b33b10cab6407b450fa82f70baf663fad7346918d956c2909fe43dfab5029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://mcgrp.ru
date
Mon, 12 Feb 2024 13:16:53 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
timing-allow-origin
*
content-length
240
content-type
application/json
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
5b1355cf35aca7a3
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Feb 2025 19:05:00 GMT
5da7662d85f12ceaca94.js
yastatic.net/partner-code-bundles/964119/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964119/5da7662d85f12ceaca94.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9f251ab0f186bd1a01e122ce3d37182976d71c3315ec473cb6b6646eb3b92d4d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15009
last-modified
Fri, 09 Feb 2024 16:12:51 GMT
server
nginx/1.17.9
etag
"d691f493b3cbc48d4e6f995d2b73b356"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:30 GMT
0b72b93747c238ead4e4.js
yastatic.net/partner-code-bundles/964119/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964119/0b72b93747c238ead4e4.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6270cd5b97fab37051d414dad9ece7a390041a2616002d4c6567c2ae6d432a44
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7943
last-modified
Fri, 09 Feb 2024 16:12:50 GMT
server
nginx/1.17.9
etag
"e2b8c4eec4f413c92c5a4b84f7d7679e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:30 GMT
68c94ee5dd5c42ef06c2.js
yastatic.net/partner-code-bundles/964119/ 		574 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964119/68c94ee5dd5c42ef06c2.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c120b5ed21655af61863ef9f82249e1f8a8a861225e8d19851f76cdd0f9c1f2a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
109531
last-modified
Fri, 09 Feb 2024 16:12:51 GMT
server
nginx/1.17.9
etag
"96ab19fb84e311884c1b6092f2db918d"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:30 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:51:48 GMT
647aa65c1cc410193d17.js
yastatic.net/partner-code-bundles/964119/ 		118 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964119/647aa65c1cc410193d17.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5ec80490b29b0432e2c0c081d7e5c30ec8d5fe56ebf2a0983d999276363cc09a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24659
last-modified
Fri, 09 Feb 2024 16:12:51 GMT
server
nginx/1.17.9
etag
"96b43b522d4b4e462837943561fd9fde"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1ca993194493444a47f3955bdc5a0df9c40da60a7938d0dd0e6a6d3f42d3478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140915
x-xss-protection
0
server
cafe
etag
12048266782847886750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:16:53 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 231E 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 03:21:46 GMT
etag
3890843268177463596
expires
Mon, 26 Feb 2024 03:21:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
ws.mcgrp.ru/socket.io/ 		104 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.mcgrp.ru:2053/socket.io/?EIO=3&transport=polling&t=OsTTfxJ
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.217.244.119 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.mcgrp.ru
Software
/
Resource Hash
babe86d068fc234b3fc7661e88a59fca26b2a2293b3e6c96cfc6ac82a2b2e01c

Request headers

Accept
*/*
Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mcgrp.ru
Date
Mon, 12 Feb 2024 13:16:53 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
104
Content-Type
text/plain; charset=UTF-8
main.js
mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 2D23
Redirect Chain
  • https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Protocol
H2
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f711c783a62d38c21fe65c17989882b7de5f6b2f5c8c2378f41e3cc7546b42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcmnX9JZvkjh4mnmNf6C706%2F2Bu7KAuQXO5i8hqa8X%2BH2KSLOOrvf9mntUO5hDzbgf1AU7p2QndhSzGnOU2tGhqFybaXhoRIjlDo39ma4lNAHZcsTlYQoB1P2DSKpWUEBRRk2QeT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85451bd1bcd83731-FRA

Redirect headers

date
Mon, 12 Feb 2024 13:16:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xVRQaTse8UBz0%2FBNRACUysybVNvRbrWK5AQYxpRcd2Bwme4acLi%2BfxtH8TRRSLmfr3WoskE0pGFeFdRoMTx1MSgQ%2FkmOXL5RY%2B%2FLcFLtvuJFkUQuJCHBRQXBZqM8koIXFYOmiEk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control
max-age=300, public
cf-ray
85451bd17c8a3731-FRA
widget.js
translate.yandex.net/website-widget/v1/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.yandex.net/website-widget/v1/widget.js?widgetId=ytWidget&pageLang=ru&widgetTheme=light&autoMode=false
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::194 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
91df33a1e9627cc8db44804b653e3b961ba8e800ebca60c76512a8dde465b861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Mon, 12 Feb 2024 13:16:53 GMT
referrer-policy
no-referrer-when-downgrade
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
content-length
12565
vary
Accept-Language
content-language
ru
301.59fa961ea28ec2df.js
mcgrp.ru/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/js/301.59fa961ea28ec2df.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d930d30be8fb09c987629d61b34ec7d7b726095c77fefd11a7ae63534396a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481180
cf-bgj
minify
last-modified
Thu, 26 Oct 2023 01:02:10 GMT
server
cloudflare
etag
W/"6539ba92-a7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPp%2F%2B0dPAkeXzzI%2BWngvnRXqQ4FoICkKL9n7mENDbgKkEKV564jyygKfogHEHoNOoOq1nNIbOQEG3Uio%2BXL7Nm64Vhm2M1oEsPHcddb%2BWi9PG5XDz8c5%2FQPG9TMgeRJZ3U12I4Ca"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
85451bd18c973731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
flag_placeholder.png
mcgrp.ru/img/ 		96 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru/img/flag_placeholder.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb66bf929c8f1e9830c282f042d9441b73776c02bfaf1bbb8a0fe221b548920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622772
content-length
96
last-modified
Tue, 30 Aug 2022 03:01:13 GMT
server
cloudflare
etag
"630d7d79-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX%2Frb9WLClz08ZLAsf2tZaX5ilk1SkmqpuHCJa1QTblXLsU%2FLmwOLqowoGWqVefJ9TpHv2WUzbons8znr%2BmQ02gMbkjn1JPTUVdi49AeOOhPu0co%2FM7bkFwG3IBNmNmfC1HNS1XX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd18c9b3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
flags_responsive.png
mcgrp.ru/img/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru/img/flags_responsive.png
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74f6f565f14bbdad565468e9278e19f6c4a98fb7a9d962c94145a31c479895c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/css/app.css?id=5c63914be44d5cd9228e48d8874ea549
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
622772
content-length
55435
last-modified
Tue, 30 Aug 2022 03:01:13 GMT
server
cloudflare
etag
"630d7d79-d88b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dENNhDZVrOHPyVP8XamINl7kalLcbN7Cm9oqf2NtWeRuOcPRl4OdxRIX41tzdsN2uymZO5nu7InBYNDjTBvY%2FZ3W%2Bili7c%2FgRWbxpWp%2BGzxO6k8Zc%2BUf%2BqkD0Sdeml6FghrIYDNF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd18c9c3731-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
log
accounts.google.com/gsi/ 		0
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/log?client_id=undefined&as=undefined&event=id.init.relativeLoginUri.%2Fajax%2Fgoogleauth
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-63TcJMs_ZYcvp4g735Dggg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-63TcJMs_ZYcvp4g735Dggg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l9qkL10uleLIxVFfMpMX5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-l9qkL10uleLIxVFfMpMX5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 12 Feb 2024 13:16:53 GMT
status
accounts.google.com/gsi/ 		40 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=731157352750-2hgtsnco3c538qifo2516l5lsjl3i1v2.apps.googleusercontent.com&as=Q8%2FEl7vZBJY29BkD778%2F7Q
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4965a35a3fbfdc47f81d85692f52c815e557e598ce2a9de6a4dfd8719500fb59
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--lHTR5jvpwEABUmXPCiIYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--lHTR5jvpwEABUmXPCiIYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
getPanelPages
mcgrp.ru/api/ 		12 KB
877 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/api/getPanelPages
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8939748cf1c028d1604678e88a83a1af816b3f55b9907511a1d8db378789cd

Request headers

Accept
application/json, text-plain, */*
Referer
https://mcgrp.ru/files/viewer/483184/8
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
4t3j4VzHKwT4KtLbCLSl3KwI1IIZaVkta8xFHC2q
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
59
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXOsE0TRJIxHg7qMWL6ENvBFyvnZAljVajI%2F64wbnDOMcTMhPgx8rWs%2B8slY4FYji%2BVRqwch0vyP2nPQSnWiWJTaKrbLGL%2BMEhcFWqgEVQi9aqGaBvYeS6ceii%2FhJYe4JX5%2BEiJn"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
85451bd1bcd63731-FRA
c03a920daa45271a7ae9.js
yastatic.net/partner-code-bundles/964004/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964004/c03a920daa45271a7ae9.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
19c8fe653e8a439a1c6d229ad5ce33112bf6a594e755a24749a07460467e933b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3557
last-modified
Fri, 09 Feb 2024 14:44:56 GMT
server
nginx/1.17.9
etag
"b0580567105ab1b31723bfc58ed87760"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:33 GMT
36af7e3c4728cc4f6a2b.js
yastatic.net/partner-code-bundles/964004/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/964004/36af7e3c4728cc4f6a2b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
bb6254bbd77f007392cddaccdc347c9de9f993a98535e2261b3786e1cb5a66a5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10601
last-modified
Fri, 09 Feb 2024 14:44:56 GMT
server
nginx/1.17.9
etag
"b1923d2f2a57d9100716f765ed463e2c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 11 Feb 2054 19:49:37 GMT
adjson
ads.betweendigital.com/ 		11 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mcgrp.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
adfoxhb
ssp-rtb.sape.ru/ 		11 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.184.211 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Feb 2024 13:16:53 GMT
Server
openresty
X-YaTraceId
b775a59988cf41c2885b1a364f0a1617
X-YaRequestId
6fd215756110432e895efeffdabb82a8
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://mcgrp.ru
X-YaSpanId
f38c9a152daca253
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
11
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Protocol
H2
Server
138.201.34.239 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.34.201.138.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
content-length
11

Redirect headers

date
Mon, 12 Feb 2024 13:16:53 GMT
server
nginx
serverid
TODO
access-control-allow-origin
https://mcgrp.ru
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
content-length
0
/
ad.mail.ru/hbid_yandex/ 		11 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Feb 2024 13:16:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://mcgrp.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
0
bid
relap.io/hb/adfox/ 		11 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.io/hb/adfox/bid
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mcgrp.ru
access-control-max-age
1728000
x-server
back23
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
11
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
auction
pbs.alfasense.com/yandex/ 		11 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.alfasense.com/yandex/auction
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.119.60 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Feb 2024 13:16:54 GMT
x-dsp-24__status
204
x-dsp-8__status
204
X-Host
23.111.119.60
Connection
keep-alive
uuid
820aa96e-f4f2-4a4c-bc43-b3dc62afaa6b
Content-Length
11
x-dsp-4__status
204
x-geo-cityid
4000000020
pragma
no-cache
x-dsp-38__status
204
access-control-max-age
0
Content-Type
application/json, text/xml
x-dsp-24__x-reason
{"status":"noad","description":"no ad found"}
Access-Control-Allow-Origin
https://mcgrp.ru
cache-control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
x-dsp-28__status
204
x-dsp-22__status
204
Access-Control-Allow-Headers
Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
expires
0
bid
mediatoday.ru/core/rtb/hb/ 		11 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediatoday.ru/core/rtb/hb/bid
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:2d8:0:1025::20 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
server
nginx/1.24.0
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://mcgrp.ru
cache-control
no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
11
expires
Thursday, 01-Jan-1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L7NZY3C6R9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ9C6X7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08ccab9262c6827f33ae4f37c5306e4f3da37774034431062b3f6f20902de66d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Feb 2024 13:16:53 GMT
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		219 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/files/viewer/483184/8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f5ec24ee220e0e00bec5b1ade741fac438891d806faff7b2802acf2383f1ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30838
x-jsd-version
1.312.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA, cache-lga21963-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"36a63-9+MFGDNsTKKRfSt8O7wvDzd96c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOJbqq0XXLPva7FgFycMj0KGgQtSO66AMFGX8sjCdL8fUPqgvKvKKkCTv4zm5qFWPMGrIqGTaEPHyuMem4%2BVMEloi5prxNQwMsaNnSlptH6631gsL7JZtBzZUNu1%2BylhC5Mpnmh98wY9mgG0FNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85451bd20abd9208-FRA
/
ws.mcgrp.ru/socket.io/ 		3 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.mcgrp.ru:2053/socket.io/?EIO=3&transport=polling&t=OsTTfyt&sid=9NlDfFdcuUvxKMx7AByw
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/js/viewer.js?id=c51cdf55325d5604ed4d3fc32dafd862
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.217.244.119 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.mcgrp.ru
Software
/
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept
*/*
Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mcgrp.ru
Date
Mon, 12 Feb 2024 13:16:53 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Content-Type
text/plain; charset=UTF-8
85451bcb4dd33731
mcgrp.ru/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2D23 		0
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcgrp.ru/cdn-cgi/challenge-platform/h/b/jsd/r/85451bcb4dd33731
Requested by
Host: mcgrp.ru
URL: https://mcgrp.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
85451bd25d6d3731-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QUYed%2F4YwdT2xRGwIVrNvkBUJNQ2cJketDsMO8Ia7bUlaUhsVVxvFfX2sARXznhCtrMBFnQ4b6b8dzQ82h%2FIt3c4LPjsJadvymObn3td1beHNmm8svxitTVYrek46lUy89FaGQ1"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame D6B5 		10 KB
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&adk=1812271804&adf=3025194257&lmt=1707743813&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l&format=0x0&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813294&bpp=3&bdt=672&idt=207&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3827437176928&frm=20&pv=2&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c08ee901e63fe4693fe58034adae1a859d7c9e07031f7e2dfd68620811ece03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
802
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=header&cls=header%20bg-gray-900%20fixed%20top-0%20left-1%2F2%20%20-translate-x-1%2F2%20w-full&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21d4aa83528f8e8b3b51b7f376fff9567108e2d2922d54e3704914fdea894bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12381
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6A8E 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65a01de1a60e7ec3e72121d01a231185a9c1ad08ba93acdd2f5283ce97e74a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15150
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 12 Feb 2024 13:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5064 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcfd3365c191d241998142d54f37e1e14ad1a7ca1ba6c1cc07e50eb46a3e87b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15149
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 12 Feb 2024 13:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p_page-1.webp
mcgrp.ru//views2/1483184/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-1.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405dbb71a83a656dc7949de95212934a7420a2af2cb6a0b580061412cbb4b7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4a-36c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIXwYUf57MZficV3Lj8XPy9DxwhNAZy832VkjF%2B2anr2BvRDtp%2BqSLakjOc%2BcRL%2FT1bOwoP4YVJWCCh8qWHWmD5%2FK%2FnKohm0a4E%2FaIJ%2FnfmAPa0nKzxea6ITs3adobkC%2BdIEmWw5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2add43731-FRA
content-length
876
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-2.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-2.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b2bfa4a5d0971882d9178cfe950dafd440dd2a1ce5d020fbf294bed6581ab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4b-724"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYN%2B8%2BA6Qf3GIBbf0pKwYswbbrqtvOCzcYSrIOqk9M58XBdp0XZuQRQJpyUdyw7jYkiiFWYLzpeK8KD8blHH3wlyvu9m6BjUoBOo2ap2YorOY3K6asQwnmVWhBt5%2B0cZs5aDDN8b"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2add63731-FRA
content-length
1828
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-3.webp
mcgrp.ru//views2/1483184/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-3.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1273351c6f163c4ec7a3cd6b29fa34a5f828da0b7f6c6630d39c9f6f4ddf14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4c-52c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xZuSdSYnHVTdQvVVBdYKOy%2Bg8pUqUspPLRq86ZuaclPNZrSsW4Zpv0ehAPGQ4ZaXJpa%2FBsCj7zYeGP2JlC8fPzIG%2FYkTZixIkyorLq8rcGrfJVDotFmSkGrrI4txYI43F31R7cm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2add73731-FRA
content-length
1324
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-4.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-4.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20b03734720291d35016704ae8ece368144653179ebd1f44a41d97e98472606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4d-6f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOR71kKYe0FUnlmrJuudvQ9sCfd6G3VoaUYF6wnWGBU5BMwZrtpPfXCvCd%2F0pXq36g1nJ7dNelJI9gLmczg7z0%2FWM6yMv%2FXTBtzqnZwsGKqYmC6FE4ueY6lDkFX8liO5m13HQgvy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2add93731-FRA
content-length
1776
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-5.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-5.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d5d64f7ba87ef4afcd3eec76201089e349099f04f1087a6b599b0f5d01b4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4e-730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhjGg4ZxN97512wSxHftvG29aSWXDIyhvu%2F0yFhpeSO7Fp8NAA4eieQo3peMSMUiO0fiKiOwKcISnlwh9lZ3ESQvc%2FOgRudJ8tYLGrAahzCsjqpDDkZajk4%2FZnli%2Fnp%2FspXzhgVG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2addb3731-FRA
content-length
1840
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-6.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-6.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a483d90c8f4ecfed3189a6301d18b249424888d11283fe4bbfed62f352616497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b4f-88a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iya8CbBfQokMNrfRYbvwzaBPYf%2BypdLuStgPxQoxbOfv8%2BFiVrFNB2pPOTRSRNGErn2bIBcckXldeKnkn7frateRlYs3IdckNKozntokz0KdtZx97sMV0AWNMLdsbZhfGtG4l9RD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2addc3731-FRA
content-length
2186
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-7.webp
mcgrp.ru//views2/1483184/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-7.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956cf54ea73a4cdb4225c0250b0dec1561cc495bba8488b035dc9ebc28262e63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b50-5c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWTYgsrxEWTwMgK%2FjIEzh%2BsZMeosO8012b6x8gBN9U%2BqgnC%2Bpa9xGuOfEcpI1%2FxCIeuKujcfFoF2oFoBw8EDocNKJzoJgcVHkQj6ERvD2lOHZMBcxCm013dOJQBOgHDAAgtI%2Fwzz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2addd3731-FRA
content-length
1480
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-8.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-8.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48200eb9ff710781b0fb5c936fdf85bc3275f391e84ccf3c51bea57343aa3b6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b51-6a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY8cj6epHpuFZuhMQ9QUd3c9cPfBe%2BeZbLMbDBAXJA3J%2FLOL505H8cHL2FG2acPD%2F6HR1zYlj%2FUrNOx6HLMbwUsM%2FHbMnvHV%2B0XYkf1AbH9pYTVM8%2FcG2n21GJWSP7FswH%2F5GeIv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2addf3731-FRA
content-length
1700
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-9.webp
mcgrp.ru//views2/1483184/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-9.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e968eadc6c40579d68693cffdbe2c01f0d1c4dd04d49052c7bb313b19c1a983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b52-4c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAFezAIqNNi6s8g2EceeyooA4gdl%2BBBCdT3ZyeZatD9EkIam3T3HchWsGVdna6I2%2BYVdr20sBR3WioVJE%2F4Z%2FMnRphxxTbIRKQgzXXFwaHbWESNSKMA8bkHcMw7sg8Y%2BSnRxbEqN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2ade13731-FRA
content-length
1216
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-10.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-10.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7105b8d155586113fcefe8300778fe9ebc8eee28b521120fb9e00dbcf61c09b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b53-6a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB%2FywMIgHUWpfN3l0OAq%2BlezcbnLh8evB7fBOrRgKDGS%2Ffum5FsPg7xpKZ5dZ14v3VZbSGcytj1DPAdxH%2B53gfg4W2GDYXSSUC6BKG4SbHiS86994enFJEd%2BDxKIMxTo5BSLnh8I"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2ade33731-FRA
content-length
1700
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-11.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-11.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89d2f3d53c1cb03290de74de114b12f55f8556e6b1f73b0bb611603cfe5cf70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b55-6e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbPZFlp18qhFv0BVqnyvD1L6CsAIkMj4uzRrdjRKuC0lJVLsBIhRfJVIRmPyrtxgALpQ2mw8J2gJh01ohjEBtRnBdavTIM2C24yPKvAtuRDMkpv6go0bMPCsnGXrFmS1LkAJdKN%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2ade53731-FRA
content-length
1762
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-12.webp
mcgrp.ru//views2/1483184/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-12.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6296cbe3862a1be8c43ef2259b89e22d280f1a1b398247a751999166b8f8eca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b56-554"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lVIE0sDqzG3hZ3NAhU%2BLbGpkB0CDkWJSCfe3pTAl%2BkNRrxWbK3gBZNEXuNsh6ZYeSrdKKu02hE%2FZSHTmuxbwqFtCOutfEsok9A8tKNV28UOjTN6UWJKgl5sl33M5vNvnZxlS7nS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2ade63731-FRA
content-length
1364
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-13.webp
mcgrp.ru//views2/1483184/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-13.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a441364fb8e96fdbaa964e3a621cacd98e24f19484d18cda7fe8f973e02bede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b57-8e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qToL9dpO34ZvR8%2FpsDBp%2FUTpJGxyUF1ESeJxTPQtdjbZT8Z%2FrAJdCGiqCd7d2XwzjklS21lo3NzR7UO4X5Dg4O8JX4om3GdYAhWuttv5Kz%2FQiFmdGAJrtYeexRMo9G3u0Y6YmvSu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2ade83731-FRA
content-length
2278
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-14.webp
mcgrp.ru//views2/1483184/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-14.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e71f3f659fa81ea0259cd3d25bdaff8e50f33843c90cca83a20a183e23f87f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b58-8f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Bp2XIT6ij67AviKVXrT62k3qfOMdcCtnjPpeoncjX1FR9%2F1fXf0dAlYWPgcOCpWW64BB0pFz1rTU5I98g4zpdpluyFuMTIwjcnWm7uEehbPGQyfnWOUSshrrpTpC03t16YqIiyq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2adea3731-FRA
content-length
2296
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-15.webp
mcgrp.ru//views2/1483184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-15.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095f5b9353bfe1361858fec013c053cf3145126a9b8248b0a468881f4c03211d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b59-7d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn8x%2BXcXPZSqeHeUxZd4FoRXWrzfFpefZhJQBb36GbA%2BCEYWM5%2BEn9zOJWmHD89aVPwTcNkf7SeUwW1T5bTE7cmo9frBpp7nR56L3t2wCSrCQXrNH2bJESgPwZbtH6GHk%2FIZTgtF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2adeb3731-FRA
content-length
2008
expires
Thu, 31 Dec 2037 23:55:55 GMT
p_page-16.webp
mcgrp.ru//views2/1483184/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcgrp.ru//views2/1483184/p_page-16.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe767d8767d94fff39ded94c37077f587734643de662ffd050dacb08e691080d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/files/viewer/483184/8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 00:27:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60a45b5a-4ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLbNn6JG%2FAKoIdAWKhWOpWOHmmi7vLv%2FMAkER6xHm8bkS1iTWO2DrdD2u6X9Su87pyG1qxGvcnmHV5Ze2LbdeyhOqlXMShT2SCAzlldT1ut01lAIwgRflrvxOh6nfBWyyvqhN7cL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
85451bd2adec3731-FRA
content-length
1210
expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8...
286 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A2%3Adp%3A0%3Als%3A1490418252867%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A125976820%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Ast%3A1707743814&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f665e1a40d9a0e3d2f8b0ba07d0f0fd1bb89dc62e02f96d63df94827a4446d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
286
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A2%3Adp%3A0%3Als%3A1490418252867%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A125976820%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Ast%3A1707743814&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://mcgrp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L7NZY3C6R9&gtm=45je4270v9116155629z879776876za200&_p=1707743813270&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1930442151.1707743814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707743813&sct=1&seg=0&dl=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&dt=%D0%9E%D0%B2%D0%B5%D0%BD%20%D0%91%D0%A3%D0%A1%D0%A22%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%8D%D0%BA%D1%81%D0%BF%D0%BB%D1%83%D0%B0%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%5B8%2F43%5D%20402020&en=page_view&_fv=1&_ss=1&tfd=4058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L7NZY3C6R9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mcgrp.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9386 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e12d47c233fa13f56a6da5b6c14f9d1073c8da59c22111b381b16dc8ebc76a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15167
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 12 Feb 2024 13:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
advert.gif
mc.yandex.ru/metrika/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Feb 2024 09:19:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65c49caf-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Feb 2024 14:16:53 GMT
1
mc.yandex.ru/watch/19757632/
Redirect Chain
  • https://mc.yandex.ru/watch/19757632?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3...
  • https://mc.yandex.ru/watch/19757632/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0...
504 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/19757632/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1622895434449%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A11832499%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Arqnl%3A1%3Ast%3A1707743814%3At%3A%D0%9E%D0%B2%D0%B5%D0%BD%20%D0%91%D0%A3%D0%A1%D0%A22%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%8D%D0%BA%D1%81%D0%BF%D0%BB%D1%83%D0%B0%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%5B8%2F43%5D%20402020&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0552ad8ae81d6e80de4a9d18525ed19742b8aa084e468294ece6075e099f734c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
504
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 12-Feb-2024 13:16:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/19757632/1?wmode=7&page-url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtr9ih7uuiwg0sljhb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A1622895434449%3Ahid%3A635767003%3Az%3A60%3Ai%3A20240212141653%3Aet%3A1707743814%3Ac%3A1%3Arn%3A11832499%3Arqn%3A1%3Au%3A1707743814815669785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C2578%2C201%2C9%2C%2C0%2C%2C125%2C7%2C3755%2C3755%2C1%2C3184%3Aco%3A0%3Acpf%3A1%3Ans%3A1707743809514%3Afp%3A3193%3Arqnl%3A1%3Ast%3A1707743814%3At%3A%D0%9E%D0%B2%D0%B5%D0%BD%20%D0%91%D0%A3%D0%A1%D0%A22%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%8D%D0%BA%D1%81%D0%BF%D0%BB%D1%83%D0%B0%D1%82%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%5B8%2F43%5D%20402020&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://mcgrp.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 12-Feb-2024 13:16:53 GMT
json.cgi
ev.adriver.ru/cgi-bin/ 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Feb 2024 13:16:53 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 9EE5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
862
content-type
text/html
date
Mon, 12 Feb 2024 13:16:53 GMT
etag
"65c49caf-35e"
expires
Mon, 12 Feb 2024 14:16:53 GMT
last-modified
Thu, 08 Feb 2024 09:19:43 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
tr_page.js
yastatic.net/s3/translate/v132.3/dist/scripts/addons/ 		222 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v132.3/dist/scripts/addons/tr_page.js
Requested by
Host: translate.yandex.net
URL: https://translate.yandex.net/website-widget/v1/widget.js?widgetId=ytWidget&pageLang=ru&widgetTheme=light&autoMode=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
440f1dc57031c8a5d051f2f407091b90b17683d36ccc092cbd28583e419f58d9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Fri, 09 Feb 2024 18:09:44 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"8e9c53eaaa80279dbed204f7f2085593"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
012cb2a99adce0cf
timing-allow-origin
*
expires
Tue, 11 Feb 2025 19:02:06 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame D6CF 		2 KB
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
862
content-type
text/html
date
Mon, 12 Feb 2024 13:16:53 GMT
etag
"65c49caf-35e"
expires
Mon, 12 Feb 2024 14:16:53 GMT
last-modified
Thu, 08 Feb 2024 09:19:43 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
ca-pub-0284526850426670
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-0284526850426670?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0284526850426670&plah=mcgrp.ru&aplac=true&bust=31080932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ded65898a773a5f57157e9f69052c5558115b01677a90f5bd343806ad8543b11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aC7p8QobyLvTFELa-M5-BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-aC7p8QobyLvTFELa-M5-BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6Oo1tWrGMT-DDj6CxmACuESkw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/slotcar_library_fy2021.js?bust=31080932
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4679006146f2c54b1b10a2fd61418bd0225805c2eedb0594645f57cbeb998bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32194
x-xss-protection
0
server
cafe
etag
11203903054465914688
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:16:53 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10277.U2zlbwvxM82AE6cU38dkQ8UHxXhEn53GZB2OeuTyA-pZP6Dm-u8IXF-bm5nuu1BH.owR4u3qUoY1ZX63Sw3EwwtKiPew%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10277.DcPhLHNcOZqdV73qsuvUfohpJCZiRUapBnmGgmcFLl6QbkWvOsMHiSm5OAnnJgrQKhhJFUdz08F6RH-eUQxEE5Jum9TyEyx0hRJvbwV1IKSqJ3nFQEQLMyNTLnY2fIpgg6X1og9b...
43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10277.DcPhLHNcOZqdV73qsuvUfohpJCZiRUapBnmGgmcFLl6QbkWvOsMHiSm5OAnnJgrQKhhJFUdz08F6RH-eUQxEE5Jum9TyEyx0hRJvbwV1IKSqJ3nFQEQLMyNTLnY2fIpgg6X1og9bJuONWJ777E1O7rxeUKkXopLtdlOM8444DJN36I-eCWnsP1an6Bb6eJjXUxtzDzgLuCOFjMUZ2I8Ubev7aj2Kwiy7MwO06aw3X2g%2C.B7u_SJe_pRHVWPEQct3gx8RMHuc%2C
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=10277.DcPhLHNcOZqdV73qsuvUfohpJCZiRUapBnmGgmcFLl6QbkWvOsMHiSm5OAnnJgrQKhhJFUdz08F6RH-eUQxEE5Jum9TyEyx0hRJvbwV1IKSqJ3nFQEQLMyNTLnY2fIpgg6X1og9bJuONWJ777E1O7rxeUKkXopLtdlOM8444DJN36I-eCWnsP1an6Bb6eJjXUxtzDzgLuCOFjMUZ2I8Ubev7aj2Kwiy7MwO06aw3X2g%2C.B7u_SJe_pRHVWPEQct3gx8RMHuc%2C
date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AFE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:11:57 GMT
expires
Tue, 11 Feb 2025 13:11:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C5C8 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ffe105b7b642759e05a3910670f1d68e37fe3817a6325671bc1d4e589eb51e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9jlb1GJQTRSgt8KUbhQxtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mcgrp.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9jlb1GJQTRSgt8KUbhQxtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 12 Feb 2024 13:16:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame 4AFE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Feb 2025 12:27:17 GMT
AGSKWxWmR_p3QTR4r1PkDyInpZCZYNfptiEmBVKYsuy3rUlr2RmyJf5lWPdmHo6eXT-Ck_iGPHQ7SeQRVf_IQmmV9JNDoTFmNRvvEFYd5W80CnSmLf_G_LL5-QEcPnEVv5fLSy7lJaRW3w==
fundingchoicesmessages.google.com/f/ 		368 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWmR_p3QTR4r1PkDyInpZCZYNfptiEmBVKYsuy3rUlr2RmyJf5lWPdmHo6eXT-Ck_iGPHQ7SeQRVf_IQmmV9JNDoTFmNRvvEFYd5W80CnSmLf_G_LL5-QEcPnEVv5fLSy7lJaRW3w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NzQzODEzLDkxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tY2dycC5ydS9maWxlcy92aWV3ZXIvNDgzMTg0LzgiLG51bGwsW1s4LCJNMFpnZGFtT05OcyJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2e4261a93fa36d50fcb77e42e487fb7073d6a633b3c981bffca36492b638d1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C8lwt0JPLmz99P4EsDYU9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-C8lwt0JPLmz99P4EsDYU9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIS6OY1tWrGMTePEkDgCW7EmL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C5C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=4394020649198614&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4AFE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1HOCmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
widget.html
translate.yandex.net/website-widget/v1/ 		44 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.yandex.net/website-widget/v1/widget.html
Requested by
Host: translate.yandex.net
URL: https://translate.yandex.net/website-widget/v1/widget.js?widgetId=ytWidget&pageLang=ru&widgetTheme=light&autoMode=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::194 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2e8cb4ce06155570e401df1c87a06b3a58f4b2cbbde3741f5c0d879df6df1ed2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
vary
Accept-Language
content-language
ru
access-control-allow-origin
https://mcgrp.ru
content-type
text/html
permissions-policy
microphone=(self), execution-while-out-of-viewport=(self), execution-while-not-rendered=(self)
content-length
45063
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 6A8E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:27:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 6A8E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
51514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 22:58:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6A8E 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:27:22 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame EC52 		190 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0bf1fa2053c94c7a619ba3adbda3438536a27cf1deb4efb868cce4e6f3ee8aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7fgRty0FHlsTHk8dy-Ngg3ZEhSZtz3bZuPhGqnVLtZhZqY4MA2K8JlEWG0feNko8j1XQEq75mMvH6kAJLngpQqw3wqfW0WtM6itbGBiyADmZ0S11OOxsXe9N2Ap1_Lw_egKJbjw8dutI0RAp9r8Je6VoHk7qOXRygRb7B_6szSSFIkjB9nbPlwXEmy1NWK5Tnv9Elr1IcC4-iLNVO7QdipSOyM90r9p9bT6KuJdeo-2pp1y8-qJTh5DhVVgb6Kwy8uUI2w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
43936663
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9386 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:27:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9386 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
51514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 22:58:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9386 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:27:22 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0284526850426670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5064 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 12:27:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5064 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
51514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 22:58:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5064 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 13:27:22 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame CA5E 		145 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8458b919505e2fa64747cfde0c322aedd97fd7bd3ae71e05f229f3188b7288c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6CEtSi0FHlsTHk8dHN2GFi5IUq0iZAomeMef7b82kYV5RWoJEpc2hQJeQziDw2zabnEcto2p-gBe6JkOJJGQyP6zYZcedAjCOj1W3b_jCpZTDAYL9CZO1viU-TqAAz7wu2uU8fELrqAleOFTGphsw7TSNdEXqEgotxwk3-IIRubMqGD6Z9xPf4s7VVDPI813it3vYByNwHR32oyKRed89N0GzkRqnLqFq_Lvi-dtK9Xhdy3-95Qa8VNCpxWEqxhN8vvxfw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
51492992
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7D54 		182 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
11ff7be03a525aa696ae2ca10539b2301099fdbaef0ff8d8b78f07dfe16f6143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 13:16:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TFE7Ny0FHlsTHk8dzQ4EDfPJF71uSEV3dI1RPy0s5vHT8plXMlCD0itTN_nzlQia1wEyG_RtgYQzAPVG4Ht1wZf-5v_u4I_RL_ZFi3AXnTpSbg-UIKILL2MI2VCxh9LL3ssUAjNTlXpy8qe6DzsZUxKi2DgwRqpiia-tevJWkqgxabcFZf-yXFKdhng8qMwldGiPdfmJHbTb9nZdyyRKW-hTZpYdDSefHm9JK44qytdWRBo5sSl8haklzIFIi2phTkqBeg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
51196021
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 6A8E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d29dfa9e141ae6f30a7544da06aa7193888b3d308ae3f9d43e537e75a79d1a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 6A8E 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPJm5RRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE9gFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyeZ97c2oWQXs4CeEjzYthgg-YtpGOGdkH770dRBNzBoC8HUFYuBuABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTAyODQ1MjY4NTA0MjY2NzAYAA&sigh=yYw6gRlgqjU&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_blfbEufsgDheiTPk2EzrXFcHlQ1_rp4ndhD9uXNCP2tK-MS-RqWuvehWQs0pBbDBzYYk6vf1teLmJkQCBsM83DnIhN_EgD7I-hgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Feb 2024 13:16:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Feb 2024 13:16:54 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6A8E 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF8z6RJIIeJ2DYgICAAAA2YnGUd0nWMb1u6RWKv8xFRBFGsplzpvQ0wNTQnmjMAAAEgAACgpBUVVCQVFFQkFR&wp=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
154740
server
Kestrel
content-length
0
truncated
/ Frame 9386 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15d41751c9cb3bb2bc7d74a041f1ccd0c7b985b2c43f98a4d45923629d309f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 9386 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CX4QZRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT8AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-HE99M_6BYoG4wFu6o36edSk9l7gBiXMTnkIqkAP-RtVlAPcbpsioAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDI4NDUyNjg1MDQyNjY3MBgA&sigh=LZQ1PyLN8_g&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_hZ2ImdLfifJKHw7ew-gBCJTKhbBNDReDNXK2nIY1kQ5wGt4Yksx0YeMLA_KDKNPZTbJCwbGvYfowCw31J-hX44VHgY2A8g7ObxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Feb 2024 13:16:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Feb 2024 13:16:54 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9386 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF8z6RLAJmAKdg2ICAgAAAIGntGH6_uZe9bukVir_MRUQRRrKZTC-uZ0qlONkty4AABIAAAoKQVFVQkFRRUJBUQ&wp=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=280&slotname=4270730789&adk=3973889957&adf=2492449528&pi=t.ma~as.4270730789&w=1200&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=1200x280&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813305&bpp=1&bdt=684&idt=268&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120%2C210x600&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
120195
server
Kestrel
content-length
0
truncated
/ Frame 5064 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f5e6453e0475c9ba80f106e4afa8098dcb23ebb0e6640e2f0874d6626af6181

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyE3UapaKQU2CxqIS_ZLb834q8VDw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:16:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Feb 2024 13:16:54 GMT
FByS7vfpJSOK3BLVNMhZA2fqKEMTYeCUbi8bUsN1RwdGuVGz-3ZBO-AJR2o4ih6-uLJM_zPYN8hjpBkXLHbyFPSvT-dG-tdTvImamlf_A_DIVIMwRR38mw=h60
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/FByS7vfpJSOK3BLVNMhZA2fqKEMTYeCUbi8bUsN1RwdGuVGz-3ZBO-AJR2o4ih6-uLJM_zPYN8hjpBkXLHbyFPSvT-dG-tdTvImamlf_A_DIVIMwRR38mw=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef8b5675b39ee559e8533101ab53a1a7f819f8977817e4c5ef4906477f2a9f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 09:29:45 GMT
x-content-type-options
nosniff
age
13629
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4038
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Feb 2024 09:29:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5064 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChlA3RRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE9QFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVM8tUOmrKPX3Qdre3eAkD50o0N8nndRefFmm4U3P862wMomspaC54AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDI4NDUyNjg1MDQyNjY3MBgA&sigh=c6X10Oe4UJI&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_-w14KO9igZQwpYg5KqSKRE9Cs38hiEGJK5XCvhHTjfE2E79Be2NcTPjK7J8S0nVH7Pp8HTd9y0jA7YO8tP4bVVb5dKuTj9x2PRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Feb 2024 13:16:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5064 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF8z6RNIB2ASdg2ICAgAAAIGntGH6_uZe9bukVir_MRUQRRrKZWP7rDi0MgKdBfMAABIAAAoKQVFVRER3RUJEdw&wp=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=600&slotname=4270730789&adk=3152841301&adf=796716709&pi=t.ma~as.4270730789&w=210&fwrn=4&fwrnh=100&lmt=1707743813&rafmt=1&format=210x600&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813304&bpp=1&bdt=683&idt=233&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1042x120&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148369
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame EC52 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EC52 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EC52 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 06 Feb 2025 13:16:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EC52 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 06 Feb 2025 13:16:54 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame EC52 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qoHHtLs5ug1UTuLjI8t-BsNdh4B0phuKjLTEQ45LaswkH4QLTzkk2a1OFw1egTY-9vFo4BJexP5xzPVy7kLdJ7LLODsCaVv0kWlgNinDrDXDlYV31rdw9hXwGOgS8C9Tj_nalBI0qHaDSBaU13dEVhHoY5sk2kMYPM8DM0jPOiFgplkMoyszerWx5yAReYQ--ArwuHqDFTEA7_U1o77LPgAJDXPvyD18pzfc7hD8Se_Wj68T8AErl5-iSj9CyXp6ghz1Ah1F7TnogjkW5tl2Y-u5d1jrXiqyt-re4i2nqzfIIV8SnpGU7QoL3-0AdVfT--FAWifd6odyDlHxctZ2iCy2kYnOspU-ouH0L3Ipu_FVkFuqB1y_QyuIIqMf2TEhUL0F_MXKa-pBGjprK2Mt5xOL5t02rDS8kxopQGTJcEULbLI4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2046923
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame EC52 		44 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1707743813
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:5a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
via
1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
axVB42dN5VAVMbmRM1ZnVDyvmkaO7EXoySPY67Zi7BQTrXgQBpemeg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EC52 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1104153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s622hVzYObGXN5RyBrgpDBXdHneiiKZvOQSuTjamZC0jdvbRW8o1HOAE5x2sbK%2BNFjqN9SiZonBEGywCXuQ1bRqjk5RF%2FgZF%2FAHNZNgSGtADNbWyujFnjyfoQvzeDHfn6gSDtUdR%2FoVyM1wMyIQ48OSL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85451bd63d4ebb7a-FRA
expires
Sat, 01 Feb 2025 13:16:54 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame EC52 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
animejs.js
static.criteo.net/animejs/ Frame EC52 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7D54 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7D54 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7D54 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 06 Feb 2025 13:16:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7D54 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 06 Feb 2025 13:16:54 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7D54 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=anbN_FM5f0MUAg_BvTGjTYK_zXA37oBCTdeOjBKr356-YNjrGTCfZpLHmH-hAdZetgH_kmaZhybll9W9d4XO7tD4Y2YbLPMApf5vT1cNkYGF4QCL2fHBsDs2OPdi-vtrMjpryH_HcHPxn9WLKrYKk_1p4w6hhl-lwPquWpWEN9vrSfMhf-kr2xNJKu6SaDzmzP5WZb46Rt6Zrq68FYemP2PYcZXbLYKFYYWc1jh9Pyg6M1cVanO6SDnnwTOn9sdsHzv4E1sT6yzbAdTPwuv1Lt8wd9zGWchkM6LNEpv-u6m4lqMsrkk3YKy_tzyxlRSTAES-LudntNvjt8PkRIyrcHGGTkvlMK_k1Sn90KsILhjx6OYO5VJJ8AZ0vhSXNvzHZBSlyppz1SVIzkNnhdn3GV4yIKppc4p1d23rjQT__DZmrmroYH65fob20WicC8HpKxgI6Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1964235
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7D54 		44 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1707743813
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:5a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
via
1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
nWUTgMsJwwiAr6GA1jgukiCzjfrRjNP0DI0odNFCkfWFx7cmaaOZYg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CA5E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CA5E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CA5E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 06 Feb 2025 13:16:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CA5E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 06 Feb 2025 13:16:54 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CA5E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jBUn_VM5f0MUAg_BvTGjTYK_zXBNCXd_gTdTmF7a5OfIUDR3z0OQ3lXE7f_X8v6W_pbEkVgSj8Yq2mu-FPBEjaZzykAhSK3rFaH9Be-_Xn84v0VYeg-UDH5KCdM5ChnOvyRL7dihM1SrZB6Mk0yHOcSZZCXpLMBQYEvQwIXloMZBQGAzkKs3rAYibi1BZa1MMdOuykXjDgtlxGPw_kzNIapSIb_6wlbPWsp3Vh3WSehZruED-mH7368N1lqPZEQDqupZ4VTPme5ecW2-ldsdw8b0JYqZuNWBdED7TeQt1rjEIuNQ7F2ibcqkVD4cV5oEk_9slj45RTqtEKlrfC6ewC7akTikse8dsmLVGX8Is6GFrhx4za0vZaT4GhZSp_7dqY4qRB5WZIjebIgazrMEIfXhEab5AbOo57GszUXfwJMlcBkf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1772775
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame CA5E 		44 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1707743814
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:5a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
via
1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
U87klMmkurRu35lqk8Nzm9_AWunhyA7aK-3798TBqv71gfgby504dA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 02:01:28 GMT
x-content-type-options
nosniff
age
213326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Feb 2025 02:01:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 20:27:34 GMT
x-content-type-options
nosniff
age
233360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 20:27:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
Origin
https://mcgrp.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 20:27:34 GMT
x-content-type-options
nosniff
age
233360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 20:27:34 GMT
AGSKWxVMaQEtcr7GFOQpa1wgbAFNUqlr2H16Lh8ZFJEzyj_co3O7Rk0JyzsMLYdd6JYTLnGnOrR_GUbB2TTmTx89fPP5DKlxBihya0LY4GzDywt7LSU6aYoywJd94IvJlzy0SLUQMZtJpw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVMaQEtcr7GFOQpa1wgbAFNUqlr2H16Lh8ZFJEzyj_co3O7Rk0JyzsMLYdd6JYTLnGnOrR_GUbB2TTmTx89fPP5DKlxBihya0LY4GzDywt7LSU6aYoywJd94IvJlzy0SLUQMZtJpw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TcxjLMA-UQOB6hZDpnL53g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TcxjLMA-UQOB6hZDpnL53g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABALcXMc27JiHZvAgdUnvQHq1xg3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mcgrp.ru
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=236&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F5226686%2F2b0efc3003e14b12a74041e5bb1caaa3_stepstone-logo-gradient-sticker-01-01.png&v=3&w=196&rid=4&s=QQz5sYZImlJ6RLPvGbwyZRY-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5aab09d6f36d5d17349074353ffe15d4ccc2241729da6a3ae5a51a0a9cd73262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13925
expires
Sun, 05 Jan 2025 13:02:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		583 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoDeutsche-Bahn-AG-Region-Sudwest-345849DE-2311071409.gif%3Feb%3D1&v=3&w=400&rid=4&s=BgP8FOik0aG3NKAtAAaaVLY9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9750efacc632fa575ce4f87f1dd3472049652d65c7868da226c0d666f06d9bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
content-length
583
expires
Mon, 12 Feb 2024 16:48:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoDELO-Industrie-Klebstoffe-GmbH-Co-KGaA-51548DE-2202010915.gif%3Feb%3D1&v=3&w=400&rid=4&s=2efC2dRhHKgLPgA7nD1sK_Jm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b5ba03d7026d251eec6ac85a95a1a262883ac525d84f8b5d904f45873f84ed11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86338
timing-allow-origin
*
content-length
2314
expires
Tue, 13 Feb 2024 08:26:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FP%2FlogoPRETTL-Electronics-GmbH-172785DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=rx1nL7iN571eq1aDXlr4y8dP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dadee88bc23756d29b8b1c5e98a4e6a70dd6bbd2a20a6a74a91434942c387882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85500
timing-allow-origin
*
content-length
1456
expires
Mon, 12 Feb 2024 14:23:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoANTROK-Anlagentechnik-GmbH-53039DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=V_7e3JG8vrwtWVRxpMC3D-bk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b05d026ea9ec9ee554e7d1e2deeecb7589aaa9ba17bd28b236d0f8265554c18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
content-length
2444
expires
Tue, 13 Feb 2024 05:42:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2Flogocentrotherm_photovoltaics_AG____75686DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=M_faI0ePHqEGdBQKoHRlrTXh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
faeb6a7c92370d994a2bdfe9b78984770e784b8987e67aca2ca3810d08d29d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=85379
timing-allow-origin
*
content-length
3361
expires
Tue, 13 Feb 2024 08:10:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoErnst-Young-GmbH-Wirtschaftsprufungsgesellschaft-28690DE-2108251700.gif%3Feb%3D1&v=3&w=400&rid=4&s=wvFEOD0fRQ57Djzb3rKk_7Dj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
59f3681e05f515f597b087b4ea8886306fc363375ca24321cbe49d77132d4666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=85507
timing-allow-origin
*
content-length
5734
expires
Mon, 12 Feb 2024 15:17:58 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&rid=4&s=OSdOZRntYbchQdnvU9-RxGZ0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
590902941df60bb8d5a4733cf248267f869a2bd2dec49a3e373a992573745f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85528
timing-allow-origin
*
content-length
1582
expires
Mon, 12 Feb 2024 13:30:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=5QuUgeu-NNeIXx5Pm3vTp225&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bfbe88ff7cf1f6b7c145d30018e05b2154eec8b86d861fa185dea8bb88decb46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86268
timing-allow-origin
*
content-length
1196
expires
Mon, 12 Feb 2024 18:05:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame EC52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGWS_Gesellschaft_f%25C3%25BCr_Warenwirtschafts-Systeme_mbH___48487DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=J_inaQDKQgTqr6z2qHTuIvPe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6f8c50527419722ed3f104f107f99b7d4a9655813c39fbe53f28c6c48bd7437e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86365
timing-allow-origin
*
content-length
1800
expires
Mon, 12 Feb 2024 16:56:33 GMT
all
csm.eu.criteo.net/ Frame EC52 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7fgRty0FHlsTHk8dy-Ngg3ZEhSZtz3bZuPhGqnVLtZhZqY4MA2K8JlEWG0feNko8j1XQEq75mMvH6kAJLngpQqw3wqfW0WtM6itbGBiyADmZ0S11OOxsXe9N2Ap1_Lw_egKJbjw8dutI0RAp9r8Je6VoHk7qOXRygRb7B_6szSSFIkjB9nbPlwXEmy1NWK5Tnv9Elr1IcC4-iLNVO7QdipSOyM90r9p9bT6KuJdeo-2pp1y8-qJTh5DhVVgb6Kwy8uUI2w&sds=2&rev=90562.7&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EC52 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EC52 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7D54 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1104153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqgm%2B5%2Bszhmu5q%2Fto5YbViL6guaXhbaVh0qe3LrmbNwrZg8N4GPWKwqlTe0yAz7vZMuKrKB9pK4JAkhle7wzIz7oHLWuSj%2FzXNZ2ZlvvVjCb%2Blja7KpzEw6s3VV5RnBNZstyrrWDy9fOi3E%2BBjIW6raD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85451bd68db5bb7a-FRA
expires
Sat, 01 Feb 2025 13:16:54 GMT
animejs.js
static.criteo.net/animejs/ Frame 7D54 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CA5E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1104153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNKfZ9vAq%2BCwvhtdd2wTgw%2BnhXHwted2x46Jr3ZqkQtG518BVz4G832d1qh6YQHBoKahMDh7lPcahGFpjT8iy%2B1a%2Bzywg8duAin0coK0V5dvzA56hhSyrIucU3VtwWzZ8wxdF58HFPHh81jJniGAEvpo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85451bd6adcbbb7a-FRA
expires
Sat, 01 Feb 2025 13:16:54 GMT
animejs.js
static.criteo.net/animejs/ Frame CA5E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame 7D54 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame CA5E 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7D54 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230524%2Fab5244b2b96f4d3db06cb0ff9e6efb06_logo_n_horizontal_9.png&v=3&w=416&rid=4&s=-5DQQ84ffQP70M4sxcB6WszG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
05e6b3f7f19592b7d534d6a279441968d4a3c3936158bfe6fabf2c6e83a1b482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16141
expires
Thu, 06 Feb 2025 02:38:27 GMT
all
csm.eu.criteo.net/ Frame 7D54 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TFE7Ny0FHlsTHk8dzQ4EDfPJF71uSEV3dI1RPy0s5vHT8plXMlCD0itTN_nzlQia1wEyG_RtgYQzAPVG4Ht1wZf-5v_u4I_RL_ZFi3AXnTpSbg-UIKILL2MI2VCxh9LL3ssUAjNTlXpy8qe6DzsZUxKi2DgwRqpiia-tevJWkqgxabcFZf-yXFKdhng8qMwldGiPdfmJHbTb9nZdyyRKW-hTZpYdDSefHm9JK44qytdWRBo5sSl8haklzIFIi2phTkqBeg&sds=2&rev=90562.7&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7D54 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7D54 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA5E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FP%2FlogoPRETTL-Electronics-GmbH-172785DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=rx1nL7iN571eq1aDXlr4y8dP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dadee88bc23756d29b8b1c5e98a4e6a70dd6bbd2a20a6a74a91434942c387882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85500
timing-allow-origin
*
content-length
1456
expires
Mon, 12 Feb 2024 14:23:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA5E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230524%2Fab5244b2b96f4d3db06cb0ff9e6efb06_logo_n_horizontal_9.png&v=3&w=196&rid=4&s=Ow40BJL2onKSKk1B9r80V3iP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4a3762cf65fbc90f094b64a66c8c649a6a5a576ddc0f0eac486dddb1358708e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8001
expires
Mon, 06 Jan 2025 02:36:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA5E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoPacura-doc-GmbH-244572DE-2108101252.gif%3Feb%3D1&v=3&w=400&rid=4&s=x2DYII6nJxK7wz2QOUz65kig&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1be08882dfeb8650bd7e5095225c4486fca31df5c071bb103f053f2c45b715ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=86329
timing-allow-origin
*
content-length
2486
expires
Tue, 13 Feb 2024 12:39:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA5E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FN%2FlogoNOWEDA-eG-Apothekergenossenschaft-179486DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=IoS4wFZvYUqkFRrrAem9qwZD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d104aebd4e410991461cfe8128cffdb358b321ec6f1a1dc7d3181a4d6ea8f229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=39370
timing-allow-origin
*
content-length
4351
expires
Mon, 12 Feb 2024 15:53:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA5E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoOVB-Vermogensberatung-AG-Alexander-Urban-Bezirksleiter-fur-die-OVB-323839DE-2303161143.gif%3Feb%3D1&v=3&w=400&rid=4&s=EYQQwqE9A9Kk2V6o1IOMxRTq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5ab31cb09d25f55d59b61c92b068cbf12c9abc23e94bde926442b042ab891d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=85501
timing-allow-origin
*
content-length
1770
expires
Tue, 13 Feb 2024 04:02:18 GMT
all
csm.eu.criteo.net/ Frame CA5E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6CEtSi0FHlsTHk8dHN2GFi5IUq0iZAomeMef7b82kYV5RWoJEpc2hQJeQziDw2zabnEcto2p-gBe6JkOJJGQyP6zYZcedAjCOj1W3b_jCpZTDAYL9CZO1viU-TqAAz7wu2uU8fELrqAleOFTGphsw7TSNdEXqEgotxwk3-IIRubMqGD6Z9xPf4s7VVDPI813it3vYByNwHR32oyKRed89N0GzkRqnLqFq_Lvi-dtK9Xhdy3-95Qa8VNCpxWEqxhN8vvxfw&sds=2&rev=90562.7&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Feb 2024 13:16:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CA5E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CA5E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAKJdoGdgfDAAwZYQq99PYcYx_Nq-S7SQ&u=%7CxgT5wVfWBNmm4D21NoaaY4kd6AgKGQzZpjIVpRsyLWs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSWY8jeVe2k8ObqzjhRY3iWdYxeb0TFq0BsrbBRdJGBvh0dfvto9R4hI0kooYm79qmw7qmgBgT6y2MPJbZ0dSBUMWcYP5NKMiYT7A047vX_nXmm1Pu0GcvFfboO45ARdk0ZjCme0YFlLbYWTIhoKWV4T0vvgnbdshFf1CXEr_s_ChdeY1hYv7zvWj5C0Kz5CGAliiRXds3w9COqT_bwz7u-HwdXVe_kci55rf-SSbyzMqyNmOcC-Yvtng2wIHariAs6KeDFB1xbUT09bjRWK9co9mRzCvR-bs_6pMTkdSCoNqSUiss2SJHVqskYZdxunziRrW6sC85qFUjCr52uEVqyFclkWWHeB7iiOMG6gFzjqx5Ulqaa20xsvgEUULNnejVHPgt4vzD0EsQ6nI8cg18U4g7gGhnbsd9EMrnB3mGdpHDYbJBffLUuNPVgveRCtyHIUJAyILViY8uata4pz7Vx6V0Qp59i2fiktvp27M7D4SgVKo-NpgpyH0YjZjWo_0qDPSIaFpTJHqDySSnp4tweajee4z4AFjbH0wPyaS2dRHrCKKa9EiTctSk5C6iAxgpJjV1zlxMFOrx1Cjo9VzOpb7PGsERFaJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChqEMRRrKZdrLKMOP2OMP4bKwiATJntKxXMWymPdwwI23ARABIABglZKggrAHggEXY2EtcHViLTAyODQ1MjY4NTA0MjY2NzDIAQmpAnNiPom0EbI-qAMByAMCqgT_AU_QdsrQBEIiQnV4Mt7z7yVb6F9Wp2JJcZIxJvF5Y8N84GnblnJAfCaI5Pet--kpTqXbPnwqZIL-EUwjXTIue8wHBAhsCcPrKu3VkVJbFB7h5wVCywjmov6KVa1gFgr6plR_w5CjQxnc-0OQN9EvTLdvfguRdfUlHzFKoLp3_vA5fUSVem_rR9tN9-cs7SJWQJfx03qRJzKogTt8kf92qNXLBnBn0hULwtUtKYHoNyIEnwLEqBx2p4P76NX265RLxpl1IAswsrq-Z_dsu9LFf7PFTxTde-GG9fKtaIX4JirVnHC7yQ72nf5xNhK5KbtQ6pSmzVtzekiXuy5MY8DZR4AGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY9LKBu_GlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0zzDGEml-LK-lQsUqJpUx_FXFFOg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:16:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Feb 2025 13:16:54 GMT
*
ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=46f60fdd.65ca1a45.ce737d90.74722d75726c2d776964676574/ytr_referer=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8/ytr_event=init_browser_... 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=46f60fdd.65ca1a45.ce737d90.74722d75726c2d776964676574/ytr_referer=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8/ytr_event=init_browser_script/ytr_project=tr-page/ytr_useXHR/ytr_options/ytr_useLangAttribute/ytr_checkVisibility/ytr_preTranslateScreens/ytr_autoSync=true/ytr_extraParams/ytr_experiments/ytr_maxPortionLength=600/ytr_contextTitle/ytr_preTranslatedOriginals/ytr_disableContainerTags/*
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/translate/v132.3/dist/scripts/addons/tr_page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::2:242 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mcgrp.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1707743814407453-12915050736700298090-balancer-l7leveler-kubr-yp-vla-113-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=4394020649198614&bg=!iYqlisXNAAaxkZ3akZE7ADQBe5WfOLPTx9hhBiTAWmqMwX6HkcO1m0K9-zQa2Tk4_kxyJXaRm_ylOPq6ersC1A7osxqDAgAAAEFSAAAAAmgBB5kCvWJ-Ip1jAmjXm8wQC-vsT8dzuW0Ew1EYF5Nn_np2v3dcvXAzk_SVC8HK8tyUKc4ktvcKO_I5qlnXKLP1Xon3hoxcKc732MaTgWl6E9cFw8ec4e8lpEmV88ohPfDxqjvNNW_5c2w__vVPaUaH1GVVvbvHzhA1U7dFw6yrHlU3NBW9XyscHGoB5xxke9FDdoKuiNfU0wHc-U6rRSa56N5pOSFP_ArqhUDtVY218UhKFGcsKmd_-h0MhMq4IB5eT-uXJJa4Tx2qWyd0ePD36WXhIsPcGY-b-hHveSJbJZpVisKRCHu7DmFY4gSwY5wuPtxZHDxzFSkb3esH5yMJNg7ikavNNejzf7jFkKlGGhTCRaIVdLYZlqfIfm9nI17BNJi2uCYDLZV4KbsHfjIaSr3ruyUDvJUATHBL_vdVLKNzLRKByT0rhQiAibzK9ihD7ywh67UeB8laIdtnsOUmS7Pqq_af_ZDA_oNN8NGFTYLXwmSCSempxgnFgdgbOMc-9B93pzNzpMN9fQ4N8jq3SY0Rx-eBYKoZzyHpwavgrR1xq9LwFatbQmeiDIK15Llh9L6nxsun0Q_tbt8Qa4xvMbOS2rjLb4-TWsZ9bozEd9DQvkdMtOg68Rpw31rPSY6NXaUeRBXvxXx4qbEymTVdPXlHvPuyirSPdEL3nDfI90eNdAjrWvwAR54fd9kzwH9rgrAITU2jwsUUETBqnQ1MhgoBFlncGxZIKAm0NOdP6aDzaKs65Xx2W2QC68ke_52HCbHIIOUft6yNVyC8QELKgB6YHqPn5a0M3j9lQ3yPvtj66hAeDd2cQIxUeGrT9fH4HpdKHMXTKjCYQs1rmfOYydZYIL4Zx6ZTN8q5VMXB7OXL20dTqvThg6R8O5iCewOqAPDesVNqSio_UY2xgOk8m0TrSEK4nRj_spBDwrckziyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcgrp.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd3KeJvfmd8gbcaQ_LlEYPyUhCvOFrCqZXsoy2qRva7nQDh5HQPEUfX7MnVD8XRJEODhnnuH7TgE6FxYcA4S9PMLW9epr2NzWYR93tsurqLmuk4JoivzxCN1ctdjSWjj_kZE1nLDg&sig=Cg0ArKJSzMv-tnu8tGR8EAE&id=lidar2&mcvt=1000&p=0,0,120,1042&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1445471990&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=367661400&rst=1707743813526&rpt=484&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5064 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrCy28B069d8xuH_J97ATP5zccz7-M03UA5sIyP87LbGEPCKCMC6-riTFifphiZ65hZ1cmj6GO9CmfUv1-akrl_iR-RJrh_eVIKW3RJNiuEqYoHfS0QFDGIwDHnYG-gqub8cYpJLs&sig=Cg0ArKJSzDxosaMCrlBzEAE&id=lidar2&mcvt=1000&p=0,0,600,210&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3152841301&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=367661400&rst=1707743813538&rpt=515&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Feb 2024 13:16:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame EC52 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7fgRty0FHlsTHk8dy-Ngg3ZEhSZtz3bZuPhGqnVLtZhZqY4MA2K8JlEWG0feNko8j1XQEq75mMvH6kAJLngpQqw3wqfW0WtM6itbGBiyADmZ0S11OOxsXe9N2Ap1_Lw_egKJbjw8dutI0RAp9r8Je6VoHk7qOXRygRb7B_6szSSFIkjB9nbPlwXEmy1NWK5Tnv9Elr1IcC4-iLNVO7QdipSOyM90r9p9bT6KuJdeo-2pp1y8-qJTh5DhVVgb6Kwy8uUI2w&sds=2&rev=90562.7&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJW70GdhTpAAlrJ7qKheT065jiKR-rJA&u=%7CxgT5wVfWBNkdybP8YlnbF0vIHz57nZkXdYKInsBR6Kc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUp_kgY2lobi95-175ZKt_5UzcMHe7YrAwQYHt4rpqiT2V12qKPLdjZkINkGqQ_0-tepSBSQ3gD4cacA7Rkr72xAgYIpzB7A5NFqCVscptVbiMwwJv3rTZmcYcjoaToq0ZFVqVCkCltUAIVViBW71ef-hhNYDlgOwTfNRAwAesZASz8lWLzjAjnI7_vVoztpaZBPvhS1WlIWBd_OcIDTpgEb5e6kKSCfkIatucpeqfeKFBpMsNVg4x1lBrwJTGR1jzJWwHLLR6CFq22MzxLDZ1mL1Gv6NzkYGp8DmsaKUioJTeSGEot-pjiaR2CLq-9f_TfN-ItNViLqhkOrm-1XaX63GzDGU0ZGHggCGFU4LiFhVpULHpX5z-INLmq_edNqVYSTkij84kJowhn7os3LEqfTmRItse_ua_LD2Q-MBly8n7taty5qBXTDCKwCM_Llmieo8GKO_g8vCGJsM-X27t2An9IPawTcoqqK6n417bQ-5pPwDsorQoiMPajc1spi95xrxvuizavwHdWOmY0RZ2x4Jc2nBUCSi07FltYcboDoHfoTIcuZiGaKF1SU1AZJiCvMWfjfGWrmei2SJ_CrV8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGKzIRRrKZb23Jemp2OMPp9alsArJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-QFP0CFSfV7V_WBTA8OrW1bkf9vp9KiLUjqiae7_dBXM48pJsK218FXNe2OZoD7MYKY8cXpEaZZo-d2JH6vDzKa-kw2X9yS1xXN6urLTzyazx9qxLQem5cGgVJfEDPbkHiBpq8XFfbZ84bsw1PVYzFYOuiUMLFQz2PWx_J-dxmDdpGedbF7qMIEOATpcDcwq0SMYewT1tHLIr7D2WdLY9cEr6f67LzN-QEG69Ik8AYqAUSurE5YRynzh4-17Es2QtAjlXfBT6E1IKZASB9yMwsMyO51a4eqFkUae2cb5QauIJgG_vCeEN8GFW3Ug4uHMGKykhYvMmPI5dveABq_NrZXm2d_l-wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIDhgHAQATIC6wI6CYBAgICEgICECEi9_cE6WOm7_rrxpYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2iKLWbiuJbFJp5rBen_3Y1yev4Mg%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 7D54 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TFE7Ny0FHlsTHk8dzQ4EDfPJF71uSEV3dI1RPy0s5vHT8plXMlCD0itTN_nzlQia1wEyG_RtgYQzAPVG4Ht1wZf-5v_u4I_RL_ZFi3AXnTpSbg-UIKILL2MI2VCxh9LL3ssUAjNTlXpy8qe6DzsZUxKi2DgwRqpiia-tevJWkqgxabcFZf-yXFKdhng8qMwldGiPdfmJHbTb9nZdyyRKW-hTZpYdDSefHm9JK44qytdWRBo5sSl8haklzIFIi2phTkqBeg&sds=2&rev=90562.7&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZcoaRQAJwsIGdgw2AAmiy8KyxItATs6HBoIhHg&u=%7CxgT5wVfWBNlG7SQlZEUDdQOgzmIJj5WP5c3yF9fzxYw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TwyvpqAGq0ZdC3ai4cspT3vKmwbXBSN1779wSnj7X3AfLotdCvUamZj5R2Bu5aebxUGTbXxcyiDq4o8ZoS5DeRFOOjKl1D-opNouj72riIusisMlksNW4jxBmyQ-3MhpdYiSAhS40a6sIK41no9ahUOBZ6VT-FzVwwNjWeZ8RpNDVpCLi3HZOS703sdQFst8T05nrU7eXrjMYljdGoqMyYzmasiaFQKkVESSD3jOb0PReb9JM4I3GPrGNNcLiSlgfVtUXx9oDDGmVOPVgO4jSL-3NEnOdhiAELOqYaGnAT-l9FT7qbR_kG90OuXYSWnWZO8IVQAj7S4vfEICODdLwHPUeEF-pm5unYWUYX6rinrO6okWogJ5ZY-sCBVvSQpBD3ZP9uGPxVzDwEGPgy6tq4iNMrULZ0agZx6k-l2UTL4VszoVq2hGa9A49Hs9D-ktPv0iJJvcD_M6yxmOja2HSv5LjY_50crv1O8LCUJINmlKxkgKzcRxCR8WrETosDuThDycnho8RAKjY5ecD0IZ4sdRj7blODC8BZgXD0iRKdFTHGVmHYz32KCtxPodIfbqGap6M0BwKEC_ZN_8UvbAJYY9J_YDgEfyEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNh6hRRrKZcKFJ7aY2OMPy8Wm4APJntKxXPWR3r6xAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi0wMjg0NTI2ODUwNDI2NjcwyAEJqQJ_H9928xKyPqgDAcgDAqoE-AFP0O2R8Pps-IXBiWsjLewWtV2sHME4Swa3I1FCnu3lYT_evyR4wKSP3CK_sjwJ0nvacURmwl18CE3DL2eifKTc4WqoK9VvVpSVpMqsC0JWFc9PK2SENSt22G7bbJaihIP3FO3uykyeA7RsLkNHFNPWrfpu0eAlWxrQIzlH-ceKwAO5B0MCdsFyqwNDT3yQGVuXXoDpgzRZVuLBUHNreFpCEX4f8obQzu7dQYC-2rbRwJy82D7HN_cHEfda18bt-135VZ3KNm7ELZuBnuRjCVN-t2I0LDAH4KG7XK0MsNfQrWR2KH1_YXPSU7iRzXGo7NK-eAKiDrZvOYAGr82tlebZ3-X7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgOGAcBABMgLrAjoJgECAgISAgIQISL39wTpY58n_uvGlhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MeMEiJL6tv3eqtk9yeAS28v1vmw%26client%3Dca-pub-0284526850426670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Feb 2024 13:16:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame CA5E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pb.adriver.ru
URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Domain
ev.adriver.ru
URL
https://ev.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&cid=0&custom=301=0;302=0;304=0;308=0;309=0&loc=https://mcgrp.ru/files/viewer/483184/8
Domain
csm.eu.criteo.net
URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6CEtSi0FHlsTHk8dHN2GFi5IUq0iZAomeMef7b82kYV5RWoJEpc2hQJeQziDw2zabnEcto2p-gBe6JkOJJGQyP6zYZcedAjCOj1W3b_jCpZTDAYL9CZO1viU-TqAAz7wu2uU8fELrqAleOFTGphsw7TSNdEXqEgotxwk3-IIRubMqGD6Z9xPf4s7VVDPI813it3vYByNwHR32oyKRed89N0GzkRqnLqFq_Lvi-dtK9Xhdy3-95Qa8VNCpxWEqxhN8vvxfw&sds=2&rev=90562.7&sendBeacon=true

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| __cfQR object| dataLayer function| AdRiverFPS function| AdriverCounterImage function| AdriverCounterJS object| AFPS object| adrCounterStorage object| yaContextCb function| getBodyScrollTop object| adsbygoogle function| cnc object| pcode_964004_default_ECF3yfhHBu object| Ya object| pcode_964119_default_aD8dvkSSpG object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds boolean| yandex_context_perf_logging number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| ya object| yaads object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| webpackChunk function| _ function| axios function| io object| Echo function| windowSize boolean| __cfRLUnblockHandlers string| google_user_agent_client_hint object| gapi object| ___jsl object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_560921 object| google_tag_manager object| adfoxBiddersMap object| adUnits number| userTimeout function| onYouTubeIframeAPIReady function| ym function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter19757632 object| googletag object| GoogleGcLKhOms object| yt object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_llp function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YWQyODljNGIyNzNiZDk1ZGxvYWRlcl9qcw== string| YWQyODljNGIyNzNiZDk1ZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| __core-js_shared__ object| core

53 Cookies

Domain/Path Name / Value
.mediatoday.ru/core Name: idntfy
Value: VUuzYMeKTp5a7AQ
.mcgrp.ru/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdlVUQ5amZ6R015TTRXa2hzcm9aVGc9PSIsInZhbHVlIjoiTjRXZmVNbXlHbG81dXcraFJFSkd2QWVmc1FOdCtZSkduNHhNSGJrQzd2dTB2SW5LNlB0dzhEbjloS1hwZFNZZitDQjA1N1k2cDZiaDMyUnlRd0xwVllSR0o4QlcwWXNab2htcXB5UlBDc09KdE56MGhwQmxLOU8xWXhFOTBMUVUiLCJtYWMiOiI1ZDYxN2FhOWQ3MGFmZTdiZTllMzY5MzFjNmQwOThkNGMzYTA0OTA3Zjc4NGM3MzM0MjkyZjdhYWQ2YjAzYzU2IiwidGFnIjoiIn0%3D
.mcgrp.ru/ Name: mcgrpru_session
Value: eyJpdiI6IjFyZVB2WEhlY3JFVTZ3UDJmTDNmMVE9PSIsInZhbHVlIjoibUM3UVFQS0RCekNpU0JxYW1jazQ4UUFRc25RVTBDMmUrZC91NGFoc1JZdDcyZERkRUZGS3hFSjNlMWV2NzArbEhIT0NBaTlBU3RSTENPd0NiQ1VJbEh5UG9tOXcyR0VlQXU4Qng0NjJ2MHFia2x0blF3RXo0aXBIeksyUUlsODYiLCJtYWMiOiJlODQzNmI4MmM2MGNmY2FhMzJhYWJkNGY5ODg3NmJlYmVjODhlNWU5OWM2MGNlNjRjOGM4MWM0ZDcyOWMwMmE0IiwidGFnIjoiIn0%3D
.google.com/ Name: NID
Value: 511=BARgKrwCyu2x9SLQx55Wo78GfHShWJsUy-yer66iSUKtj19pwyahVuJwBk8MVeLqwULif3sg2DlFCv2P6N2gUjZF2ZS0PFNiWY8K6XrnRdcKoIf0Q9G4h1ZpIZjw88Lax0pfwZGnkcF-oLCRxa4w0lcayqDeUg0vR7tI2HwDKjc
yoomoney.ru/ Name: yoouid
Value: 8550864311707743812
.yandex.ru/ Name: i
Value: TN2pC47NE07rDkKInXUWaSZaseP80XPlsQyQefEbdXDJqUnaQp7Wb+XPzBsXJYs5zUJzi+/7M7q81AS5c7lftKOu4ks=
.yandex.ru/ Name: yandexuid
Value: 2133765471707743812
.yandex.ru/ Name: yashr
Value: 9488378011707743812
.yoomoney.ru/ Name: _ym_uid
Value: 1707743813475525359
.yoomoney.ru/ Name: _ym_d
Value: 1707743813
mc.yandex.com/ Name: yabs-sid
Value: 1264140981707743813
.yandex.com/ Name: yuidss
Value: 6726561041707743813
.yandex.com/ Name: ymex
Value: 1739279813.yrts.1707743813#1739279813.yrtsi.1707743813
.yandex.com/ Name: bh
Value: KgI/MA==
.yandex.com/ Name: i
Value: Vwwkn+j6wM8G/0vM76cmMouxtmmcgeJnZEAmkSXINPnGUfaxphqgnuZfIgwxqToIbgxQfn708Ym0Xw3UaVmLnL/hkf0=
.yandex.com/ Name: yandexuid
Value: 5507015481707743813
.yoomoney.ru/ Name: _ym_isad
Value: 2
ws.mcgrp.ru/ Name: io
Value: 9NlDfFdcuUvxKMx7AByw
.exchange.buzzoola.com/ Name: uuid
Value: e8be2d91-3c05-4eb8-657e-6bba09e23da3
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: bfc72ebc-50cd-522b-9c90-cdbef95ad7fb
.betweendigital.com/ Name: ut
Value: ZcoaRQAHXriyKkdn9aC7GPqgqRx64IqgYmdmrQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.mcgrp.ru/ Name: cf_clearance
Value: jDR3y2Fm49vsTiytKhGArCdwdDpE9RFxxl40GUrcNTE-1707743813-1-AabTmO3EdYIIboo3LhP576GD/a9lIm0Z03RXXeggaz3ix6NmKUGz0cbLpWpzLzDJS83u/3v0eEAvGDhQp69okl0=
.exchange.buzzoola.com/ Name: cookiesyncs
Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.mcgrp.ru/ Name: _ym_uid
Value: 1707743814815669785
.mcgrp.ru/ Name: _ym_d
Value: 1707743814
.mcgrp.ru/ Name: _ga
Value: GA1.1.1930442151.1707743814
.yandex.ru/ Name: yuidss
Value: 2133765471707743812
.yandex.ru/ Name: ymex
Value: 1739279813.yrts.1707743813
mc.yandex.ru/ Name: yabs-sid
Value: 2195790851707743813
.yandex.ru/ Name: bh
Value: KgI/MA==
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDTmXKGkVZLgRODXJwArLcVFiOVCy0R7Yj/rVqrCBNa9TJ
.mcgrp.ru/ Name: _ym_isad
Value: 2
.relap.io/ Name: unique
Value: Ed50Bbfd30F3Ebd1
.relap.io/ Name: fsts
Value: 1707743813
.relap.io/ Name: lsts
Value: 1707743813
.relap.io/ Name: suid
Value: 5ac02ed0d63ab696a0e112d71889f8c07b97f60d--971911f7696f55d6b76e0be9c8998900590b8a0a8e616c386ada9cbe2f3fbbac
.mcgrp.ru/ Name: __gads
Value: ID=0446a14a85a5f1a0:T=1707743813:RT=1707743813:S=ALNI_MYBQPhDVol5j5DY8fFhl3ywz6PqLg
.mcgrp.ru/ Name: __gpi
Value: UID=00000d565abbaff7:T=1707743813:RT=1707743813:S=ALNI_MYn8Zj9iw7gz1ASzTwvYoO6cSbBdQ
.mcgrp.ru/ Name: __eoi
Value: ID=8a5ff5ea27776e7e:T=1707743813:RT=1707743813:S=AA-Afjb3VNOyM3Zb4rS2r9XHVCB7
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 2833128541fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2288731184fake
.mcgrp.ru/ Name: _ga_L7NZY3C6R9
Value: GS1.1.1707743813.1.0.1707743814.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUl-ef35_KOXhHUrA1eUNdih7U4J1ulKkQo1KFhPGrfEtf5IKWYO6NWqzViozMU
.webvisor.org/ Name: yandexuid
Value: 2133765471707743812
.webvisor.org/ Name: yuidss
Value: 2133765471707743812
.webvisor.org/ Name: i
Value: TN2pC47NE07rDkKInXUWaSZaseP80XPlsQyQefEbdXDJqUnaQp7Wb+XPzBsXJYs5zUJzi+/7M7q81AS5c7lftKOu4ks=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.ya.ru/ Name: i
Value: SY83v7Y3ExkEoP0S2d6nuBy238+IOxNGM0KEUvRPrbhX5HDHu4KCiAkOSWBZpK9f9HPsnzC9ZMvbQCVM0kznhPKh9YY=
.ya.ru/ Name: yandexuid
Value: 2002980901707743814
.ya.ru/ Name: yashr
Value: 9299626471707743814

124 Console Messages

Source Level URL
Text
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0284526850426670&output=html&h=120&slotname=7075887982&adk=1445471990&adf=1833537791&pi=t.ma~as.7075887982&w=1042&lmt=1707743813&rafmt=12&format=1042x120&url=https%3A%2F%2Fmcgrp.ru%2Ffiles%2Fviewer%2F483184%2F8&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707743813298&bpp=6&bdt=677&idt=225&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3827437176928&frm=20&pv=1&ga_vid=1930442151.1707743814&ga_sid=1707743814&ga_hid=931466232&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=164&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080795%2C31080820%2C42532523%2C44795922%2C95324581%2C31080932%2C95322183%2C95320869%2C95321867%2C95324155%2C95324160%2C95324260&oid=2&pvsid=4394020649198614&tmod=591409428&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://ev.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&cid=0&custom=301=0;302=0;304=0;308=0;309=0&loc=https://mcgrp.ru/files/viewer/483184/8
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mcgrp.ru/files/viewer/483184/8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.mail.ru
ads.betweendigital.com
ads.eu.criteo.com
apis.google.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
content.adriver.ru
csm.eu.criteo.net
ev.adriver.ru
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
lh3.googleusercontent.com
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
mcgrp.ru
mediatoday.ru
pagead2.googlesyndication.com
pb.adriver.ru
pbs.alfasense.com
region1.google-analytics.com
relap.io
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
secure-gl.imrworldwide.com
ssp-rtb.sape.ru
static.criteo.net
tpc.googlesyndication.com
translate.yandex.net
ws.mcgrp.ru
www.google.com
www.googletagmanager.com
ya.ru
yandex.ru
yastatic.net
yoomoney.ru
csm.eu.criteo.net
ev.adriver.ru
pb.adriver.ru
109.235.165.222
138.201.34.239
178.250.1.6
188.42.34.64
193.3.184.211
2001:4860:4802:34::36
23.111.119.60
23.111.96.36
2600:9000:225b:5a00:1e:a43d:b640:93a1
2606:4700:20::ac43:47c7
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:801::200a
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:400c:c0c::54
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:2d8:0:1025::20
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::194
2a02:6b8::1:119
2a02:6b8::2:242
2a02:6b8:a::a
95.163.43.46
95.217.244.119
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04b73f9c0e6a03495ed1a6e8c614df487ca6d7671f96ed1f512b2f3383fba7b9
0552ad8ae81d6e80de4a9d18525ed19742b8aa084e468294ece6075e099f734c
05e6b3f7f19592b7d534d6a279441968d4a3c3936158bfe6fabf2c6e83a1b482
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
08ccab9262c6827f33ae4f37c5306e4f3da37774034431062b3f6f20902de66d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
095f5b9353bfe1361858fec013c053cf3145126a9b8248b0a468881f4c03211d
0a441364fb8e96fdbaa964e3a621cacd98e24f19484d18cda7fe8f973e02bede
0bf1fa2053c94c7a619ba3adbda3438536a27cf1deb4efb868cce4e6f3ee8aca
0c3bf9c44025b720ba797024dc09741954a4b2ee69121fb8e884cc2b12f895ef
0c86343296ea51eaa90b3232df83d675cacb4df038f7397402ce9072f7282ef8
11ff7be03a525aa696ae2ca10539b2301099fdbaef0ff8d8b78f07dfe16f6143
15d41751c9cb3bb2bc7d74a041f1ccd0c7b985b2c43f98a4d45923629d309f5f
160ee3f3009daf2d30f1e101ae9522355a25c6a5f7e63e5875f96e2f2e80f004
19c8fe653e8a439a1c6d229ad5ce33112bf6a594e755a24749a07460467e933b
1be08882dfeb8650bd7e5095225c4486fca31df5c071bb103f053f2c45b715ca
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1dcb72155edae8fec6f6fa0f8c6d6a5ae62f6c02f4cbe6cb10befe676409f6e8
1e968eadc6c40579d68693cffdbe2c01f0d1c4dd04d49052c7bb313b19c1a983
1ec35503ffa56830497229a0a0c1b04b8bf6dc155a17f26c34f92e18b05cb76b
1f5e6453e0475c9ba80f106e4afa8098dcb23ebb0e6640e2f0874d6626af6181
21d4aa83528f8e8b3b51b7f376fff9567108e2d2922d54e3704914fdea894bfd
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
28eb0b80f02c59b0d87b0bb25256693504acf4c550b5c9091e986ac04b0e9125
2b9db72d92dd5dad0d12825f37bfeef16d23cc747a0ba5717494b2bdf10d9c54
2cf93f506c6bc8136beedb769dd7459ba20d7487709a2bd3bcb75d8d3b2f15dd
2e8cb4ce06155570e401df1c87a06b3a58f4b2cbbde3741f5c0d879df6df1ed2
2ef0f7bfd62d1f8241ad9cf5eba3c5a8cb32722ba5b60d646452528fb8f62584
2ef289d75a7aaf0ba111182a1a42aea4efe546ce27a7f949970d1afa4a1e987e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
39a352782a754b6fd30e829892cd4cbd882367943c983a44eab51ece7203bda0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c7bdddff28df3aff62d8de722d3ad82c61853c52c68a174c2246275c4f88d44
405dbb71a83a656dc7949de95212934a7420a2af2cb6a0b580061412cbb4b7d9
440f1dc57031c8a5d051f2f407091b90b17683d36ccc092cbd28583e419f58d9
44f5ec24ee220e0e00bec5b1ade741fac438891d806faff7b2802acf2383f1ce
4679006146f2c54b1b10a2fd61418bd0225805c2eedb0594645f57cbeb998bc6
48200eb9ff710781b0fb5c936fdf85bc3275f391e84ccf3c51bea57343aa3b6c
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
4965a35a3fbfdc47f81d85692f52c815e557e598ce2a9de6a4dfd8719500fb59
4a3762cf65fbc90f094b64a66c8c649a6a5a576ddc0f0eac486dddb1358708e7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50fceda37b763feeea6a5fa6eec161825a5ddae333d4760d973bf824d159e713
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590902941df60bb8d5a4733cf248267f869a2bd2dec49a3e373a992573745f2f
59f3681e05f515f597b087b4ea8886306fc363375ca24321cbe49d77132d4666
5a410488869d3bf4acddc3f3baee9ddded9bd420d73f4b487dc38a81f1d55cb0
5aab09d6f36d5d17349074353ffe15d4ccc2241729da6a3ae5a51a0a9cd73262
5ab31cb09d25f55d59b61c92b068cbf12c9abc23e94bde926442b042ab891d80
5c08ee901e63fe4693fe58034adae1a859d7c9e07031f7e2dfd68620811ece03
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
5e12d47c233fa13f56a6da5b6c14f9d1073c8da59c22111b381b16dc8ebc76a6
5ec80490b29b0432e2c0c081d7e5c30ec8d5fe56ebf2a0983d999276363cc09a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6270cd5b97fab37051d414dad9ece7a390041a2616002d4c6567c2ae6d432a44
6296cbe3862a1be8c43ef2259b89e22d280f1a1b398247a751999166b8f8eca6
64d5d64f7ba87ef4afcd3eec76201089e349099f04f1087a6b599b0f5d01b4cb
65a01de1a60e7ec3e72121d01a231185a9c1ad08ba93acdd2f5283ce97e74a40
695cf8fda4d090b298f03022d3d5d055bc77373206a29fde0671bf5f7936a1af
6f8c50527419722ed3f104f107f99b7d4a9655813c39fbe53f28c6c48bd7437e
6ffe105b7b642759e05a3910670f1d68e37fe3817a6325671bc1d4e589eb51e6
7105b8d155586113fcefe8300778fe9ebc8eee28b521120fb9e00dbcf61c09b3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
77b2bfa4a5d0971882d9178cfe950dafd440dd2a1ce5d020fbf294bed6581ab0
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f711c783a62d38c21fe65c17989882b7de5f6b2f5c8c2378f41e3cc7546b42
8458b919505e2fa64747cfde0c322aedd97fd7bd3ae71e05f229f3188b7288c3
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91df33a1e9627cc8db44804b653e3b961ba8e800ebca60c76512a8dde465b861
956cf54ea73a4cdb4225c0250b0dec1561cc495bba8488b035dc9ebc28262e63
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
9750efacc632fa575ce4f87f1dd3472049652d65c7868da226c0d666f06d9bb7
9b41ec88763865a0363a4b8610b98ea6e1ecbcfff2013e3f6606ae13edbf2946
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f251ab0f186bd1a01e122ce3d37182976d71c3315ec473cb6b6646eb3b92d4d
a05917ea755c907b34871da881d5db14a8d3c0d8020810cfdcb3cf14ba8f1a89
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a483d90c8f4ecfed3189a6301d18b249424888d11283fe4bbfed62f352616497
a62b33b10cab6407b450fa82f70baf663fad7346918d956c2909fe43dfab5029
a6d65a1998f0d1f33de164915de8f05819e371b65fb52f866b439cc36d6598a9
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7db7a463468bb62cebae898dee4f70250fb6811a927fd138a14e1da056ff89d
ae8939748cf1c028d1604678e88a83a1af816b3f55b9907511a1d8db378789cd
b05d026ea9ec9ee554e7d1e2deeecb7589aaa9ba17bd28b236d0f8265554c18d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b5ba03d7026d251eec6ac85a95a1a262883ac525d84f8b5d904f45873f84ed11
b89d2f3d53c1cb03290de74de114b12f55f8556e6b1f73b0bb611603cfe5cf70
babe86d068fc234b3fc7661e88a59fca26b2a2293b3e6c96cfc6ac82a2b2e01c
bb6254bbd77f007392cddaccdc347c9de9f993a98535e2261b3786e1cb5a66a5
bdb66bf929c8f1e9830c282f042d9441b73776c02bfaf1bbb8a0fe221b548920
be70d4e975dad77deadb0aebb820a003dec95a75857347ec5483033055fa3efd
bfbe88ff7cf1f6b7c145d30018e05b2154eec8b86d861fa185dea8bb88decb46
c120b5ed21655af61863ef9f82249e1f8a8a861225e8d19851f76cdd0f9c1f2a
c1e71f3f659fa81ea0259cd3d25bdaff8e50f33843c90cca83a20a183e23f87f
c4d930d30be8fb09c987629d61b34ec7d7b726095c77fefd11a7ae63534396a6
c74f6f565f14bbdad565468e9278e19f6c4a98fb7a9d962c94145a31c479895c
c7aec10442e679e4a9a51781b77226c6aa02f3dbf05a1f378db1e18a87e3a2cd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d104aebd4e410991461cfe8128cffdb358b321ec6f1a1dc7d3181a4d6ea8f229
d29dfa9e141ae6f30a7544da06aa7193888b3d308ae3f9d43e537e75a79d1a54
dadee88bc23756d29b8b1c5e98a4e6a70dd6bbd2a20a6a74a91434942c387882
ded65898a773a5f57157e9f69052c5558115b01677a90f5bd343806ad8543b11
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1273351c6f163c4ec7a3cd6b29fa34a5f828da0b7f6c6630d39c9f6f4ddf14a
e1ca993194493444a47f3955bdc5a0df9c40da60a7938d0dd0e6a6d3f42d3478
e20b03734720291d35016704ae8ece368144653179ebd1f44a41d97e98472606
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8b5675b39ee559e8533101ab53a1a7f819f8977817e4c5ef4906477f2a9f9c
f2e4261a93fa36d50fcb77e42e487fb7073d6a633b3c981bffca36492b638d1c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f665e1a40d9a0e3d2f8b0ba07d0f0fd1bb89dc62e02f96d63df94827a4446d24
f910c917fc1de961581592e7e1b3e13f93f8518e39b302c74130d0c58d225e04
fa7c882ddf3c6e95cfcdf60802160f9f6934e5d9e2a73fc7ee4701fd1393b4f8
faeb6a7c92370d994a2bdfe9b78984770e784b8987e67aca2ca3810d08d29d2c
fb7d53d872de0e886f04ce437cdebac6a0642297d863b8e1e296fc379a362d53
fcfd3365c191d241998142d54f37e1e14ad1a7ca1ba6c1cc07e50eb46a3e87b8
fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff
fe767d8767d94fff39ded94c37077f587734643de662ffd050dacb08e691080d