2ip.ru Open in urlscan Pro
195.201.201.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2ip.ru/
Effective URL:
https://2ip.ru/
Submission: On November 09 via api (November 9th 2023, 3:07:16 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 116 HTTP transactions. The main IP is 195.201.201.35, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is 2ip.ru. The Cisco Umbrella rank of the primary domain is 412377.
TLS certificate: Issued by R3 on October 5th 2023. Valid for: 3 months.

This is the only time 2ip.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	195.201.201.35 195.201.201.35	24940 (HETZNER-AS) (HETZNER-AS)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a01:4f8:231:... 2a01:4f8:231:4097::1	24940 (HETZNER-AS) (HETZNER-AS)
1 9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
16	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
116	19

37 195.201.201.35 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.35.201.201.195.clients.your-server.de

2ip.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:231:4097::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

ipv6.2ip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	2ip.ru 1 redirects 2ip.ru — Cisco Umbrella Rank: 412377	1 MB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	417 KB
17	adition.com ad2.adfarm1.adition.com — Cisco Umbrella Rank: 48092 imagesrv.adition.com — Cisco Umbrella Rank: 17389	69 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	124 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	6 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	180 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552	17 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	2ip.io ipv6.2ip.io	243 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	22 KB
116	13

	Domain	Requested by
37	2ip.ru	1 redirects 2ip.ru
16	imagesrv.adition.com	ad2.adfarm1.adition.com imagesrv.adition.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	2ip.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	static.criteo.net	ads.eu.criteo.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.googleadservices.com	2ip.ru
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ipv6.2ip.io	2ip.ru
1	cdnjs.cloudflare.com	imagesrv.adition.com
1	fonts.gstatic.com	fonts.googleapis.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	ad2.adfarm1.adition.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
116	19

This site contains links to these domains. Also see Links.

Domain
2ip.io
2ipproxy.com

Subject Issuer	Validity	Valid
2ip.ru R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.2ip.io R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://2ip.ru/
Frame ID: 8379FD3BC8BDF53F3ADAF9077FACC235
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html
Frame ID: 3ACF36931C153D510D0C3DBD5CABAAF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&adk=1812271804&adf=3025194257&lmt=1699542431&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F2ip.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431614&bpp=3&bdt=238&idt=203&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1605828524370&frm=20&pv=2&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: FE3CCFE34F5DB3CAE33DA1C546DB047B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=280&slotname=7508478564&adk=382923868&adf=3113743974&pi=t.ma~as.7508478564&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=1&format=1200x280&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431617&bpp=1&bdt=241&idt=223&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=227
Frame ID: 66448C2793FCF43DD528769349608C97
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=90&slotname=4885479069&adk=3521678509&adf=1588894327&pi=t.ma~as.4885479069&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=2&format=1200x90&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431618&bpp=1&bdt=242&idt=229&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231
Frame ID: 386E98A8BA5EFE51718200B3CB038766
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUz1nwAOkHwIuNwiAATVghHJkNNEXO9nABMryg&u=%7CI07o04aWhjH5pGUn1oFLVNdSgPxe4JDOGzy%2BWkcv%2BvY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD_fvf_kzuoKBljIUMj5jZ0pxzPqU4_vdStjaaskIH7jX-yP9qYg7M72sLVBH9FeixaeAuyBMZO1Ucf6PR2fA7sW1AZmQmBDkl6uBi565swRx9ZhlkFk0XlqQDi8776TkPp4cE_D2eDuQM9VKc0h5vVn6QaJUS6Bs7WIGU71e9M5BAnBH2H67w5bIXoCjqj-TWC9v35snau7cflvH0WLe41SrlNH-gj49h-kNUH_NdIinNZbY5YxLDFlTE-icpcaB2YPpW2rOtMx8gz4bNkJQPkQFQCLB0kPC7pduMnOWPSJgkxIGykZhhr7KC2KKvJ6PjVJ_Pq-Bu_LYPAePtvNjcLl9IJ3k-khlFmHOXfzVr1neXaU9pz9IVzNdr1ehkXCQLYqSGarph025zvb7_TGzITPZcpRFaTsBdFzu0d1nRVMZOBlk8ZmXFh9lrd0SEqTYgtNBZE6jQKhjzXRXJUj4RzSxHzotHb0DPZa4AMKcHiZ4gijh09F2GAyq_wChETKNKer7r08-3c-Yf79AaC20HIOgVEPmaP1baoSyYBzfIkdqfBXk77qQkhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3PHn_VMZfygOqK44_UPgquTkA3JntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTU0MzM4NTQwNDUxNjY1ODPIAQmpAkUoK1Rb7rE-qAMByAMCqgS7AU_Q1VjT5yCA7PKe2_X2tC6ifD0aOmYvTTlTtTqgGnqbwsnXM_NktMR2j-LBkOkPdeoq8gZCxkHIDzYLmTdzjagVQtRl-_S_D5kIheFxxz6eo7lubcs7s--Rplx31prkrLfRD5S5Dq1XAPSpLq3a3Hs8TzhYrmamR0G4X19cmETtOZLe-u0QWxNLqN6KpG7fVFUznqgNcEjJSWx4Yf4Vo7Iy9fHbZbvhN-lR4XRjQe-zvb3erCQwfTC605WABuf6uvXvuO79eqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QVpLFxl4ye22SPnOweq-PJtOYTg%26client%3Dca-pub-5433854045166583%26adurl%3D
Frame ID: BE598675FB5E469B3BBE9984C0BBDDB8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Frame ID: 810E1B11A846BDC4ED76FF4B42877553
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4E3F1100A80B7B99B6871122232F825F
Requests: 6 HTTP requests in this frame

Frame: https://ad2.adfarm1.adition.com/banner?sid=4285905&gdpr=1&&ts=1699542431&kid=6122634&bid=18731171&wpt=H&kw=[criteo_kid]129132&clickurl=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E_XM4JgRz-nD5_9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH-2zW9FkZO_3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu-Qz7PgNV_tAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE_v0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf-ss6GLeMJpHzLSswb_ZO18ej1Roih8c3b7-z4hLVLv5QW6no-%26maxdest%3D
Frame ID: B6D02E5DE8D1D5413867406D42AC03F3
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Frame ID: 0686D034BA4155A733708369DBD20C97
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 709302F6A5C989DF2A7D0C418F2F8C87
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E06F658585D9301A2163FCC5AE88D21
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 97712D5F5483DFA3B20863AE7F3CE80A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 5E56D231A24273B8D8E2BD545A3CCFBB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 764C8CFE7B6A68164AE65DC4D1B85BDC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C818247C25687BAB17C4FDB2BFEE4C14
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Узнать IP адрес

Page URL History Show full URLs

http://2ip.ru/ HTTP 301
https://2ip.ru/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

116
Requests

99 %
HTTPS

72 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

2018 kB
Transfer

3916 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://2ip.io/ru/geoip/
Title: Германия, Шенефельд

Search URL Search Domain Scan URL

URL: https://2ipproxy.com/?code=2ip
Title: Get a proxy

Search URL Search Domain Scan URL

URL: https://2ip.io/ru/privacy/
Title: Проверка анонимности

Search URL Search Domain Scan URL

URL: https://2ip.io/ru/mail-checker/
Title: Проверка существования email

Search URL Search Domain Scan URL

URL: https://2ip.io/ru/check-port/
Title: Проверка порта

Search URL Search Domain Scan URL

URL: https://2ip.io/
Title: EN

Search URL Search Domain Scan URL

URL: https://2ip.io/ua/
Title: UA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2ip.ru/ HTTP 301
https://2ip.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=CnsQ7n_VMZeiyNa-WwuIPl8-HuAqN0JGMdLqwuquNEmQQASD83ZwDYJWCgICwB6AB3Jrc-wHIAQmpAqpQfoDC87E-qAMByAPLBKoExQFP0LJuVpwkkZ9l27rKkEcgHQqdUZcfJ6e8aO4zulxQUnJmMROZZaTcd67Fu8uyeKMqcTuT8PoXHdM6tTP-E0uE1TWRF3MRPKaweMUky_D1dyd_T4rpPzVj8BXtzTOOTOx432OOQUa_AYhwoAYoYsd6VnZRO0o2ifEIkYWcKb-g4SYqP6WIyYM0eG__xqYIbR81pLSTZRs_YUxwyMAmHiGdOgSDmcFwlfBRsYN3WSGC4liWdhw6ikmLgc_JpUAjzf06icMWOsAE9PvetsEEiAXL1KqSTZIFBAgEGAGSBQQIBRgEoAYugAeM5aOEAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKWZItIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCV5odHRwczovL2NoZWNrY2FyczI0LmRlL2ZhaHJ6ZXVnZS9UZXNsYS9Nb2RlbCUyMDM_dHlwZT1jcmVkaXRDb25kaXRpb24mbWluVmFsdWU9MCZtYXhWYWx1ZT0yMDAwgAoByAsBogwQKg4KDLW4sQLktLEC7rWxAtgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NDMzODU0MDQ1MTY2NTgzGAA&sigh=3lWu7iohjbo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaN1OEi6qdOIj7ixjkD8H5uEO3nqogz0-YLBDthnTIBKOyIszQLhpBsLMcVKXN2eMSKTRNW6_tSkSlTUoBcKVVUlPJT56x0EoRYCRoYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222202725770950318144%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22527895900%22],%224%22:[%2211-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226305818221175796945%22}&andc=true

116 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
2ip.ru/
Redirect Chain

http://2ip.ru/
https://2ip.ru/

160 KB
31 KB

189ms
162ms

Document
text/html

195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://2ip.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.35.201.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f7472831062520d9f9766130d098a8820b2b538a0033b76aeec660486bb5e05b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 15:07:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 09 Nov 2023 15:07:11 GMT
Location: https://2ip.ru/
Server: nginx

GET
H2 200 icons.woff2
2ip.ru/fonts/ip/ 11 KB
12 KB 30ms
27ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/ip/icons.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 4bb5fd96f23131b75f6b30a5290dd3613fee190b74438198daaf150ba9b0ea31

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Sat, 03 Jun 2023 08:53:36 GMT
server: nginx
etag: "647aff90-2dc4"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11716
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 icons.woff
2ip.ru/fonts/ip/ 14 KB
14 KB 31ms
28ms Font
application/font-woff 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/ip/icons.woff
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 8f9bb0055e94b7c7324ea1d58a76caed4f112575528b4442314b466a3ccc69d3

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Sat, 03 Jun 2023 08:53:36 GMT
server: nginx
etag: "647aff90-37f4"
content-type: application/font-woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14324
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 icons.ttf
2ip.ru/fonts/ip/ 27 KB
27 KB 31ms
28ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/ip/icons.ttf
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: cec904386a3fabc328a821f7cf28d14c3e7bf48910d24f8558291a4fd9cd4d6c

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Sat, 03 Jun 2023 08:53:36 GMT
server: nginx
etag: "647aff90-6b6c"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 27500
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Raleway-Bold.woff2
2ip.ru/fonts/raleway/ 49 KB
49 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/raleway/Raleway-Bold.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 8cca48479bc91d350347030e9f4bef73b85a33fe983cc892fdf3540f1b59292b

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-c4ac"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 50348
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Raleway-BoldItalic.woff2
2ip.ru/fonts/raleway/ 44 KB
44 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/raleway/Raleway-BoldItalic.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 8a6f9798437a0a8d7d77cd10600f7c8d941bbfa4288754ac8fc99325577f6636

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-afa0"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 44960
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Raleway-Regular.woff2
2ip.ru/fonts/raleway/ 49 KB
49 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/raleway/Raleway-Regular.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 1cf891fe4848089c5dc2e4051ebb244d8967bc109abdbb0798abda6a51791d84

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-c35c"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 50012
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Raleway-SemiBold.woff2
2ip.ru/fonts/raleway/ 49 KB
50 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/raleway/Raleway-SemiBold.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 67ad497d5b6ef1c59e243fbd6ea09901bc94975459fb03e78123c98fbb3d048e

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-c5ac"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 50604
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-SemiBold.woff2
2ip.ru/fonts/montserrat/ 86 KB
86 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 0da8ca13048726f721e083e458e053d2197e2136bab0e3be66b5cedd9b70e792

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-15724"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 87844
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-BoldItalic.woff2
2ip.ru/fonts/montserrat/ 90 KB
90 KB 32ms
29ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-BoldItalic.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: a6cf7f29df5854ef4fc69260ef74a0b7ec4a3527e3263272c0d5ce9ca5f1218a

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-1682c"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 92204
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-Medium.woff2
2ip.ru/fonts/montserrat/ 86 KB
86 KB 32ms
30ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-Medium.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 32af198dae805556c3b74bd99133f6acfa1311eadf6ef25bb3cda0a7dbfd7c56

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-158b8"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 88248
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-Regular.woff2
2ip.ru/fonts/montserrat/ 86 KB
87 KB 32ms
30ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-Regular.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 03ca748815a2ae2131d523b407e1c83a0450c2b171faa3ff02335484a2f6027b

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-159a0"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 88480
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-Bold.woff2
2ip.ru/fonts/montserrat/ 86 KB
87 KB 32ms
30ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-Bold.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: db773ac258dbcff888047f757d42dc45b1dd26caa4465aa6fb9f988d1a7d1ca4

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-1597c"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 88444
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Montserrat-Italic.woff2
2ip.ru/fonts/montserrat/ 90 KB
90 KB 32ms
30ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/montserrat/Montserrat-Italic.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 66f53bfb7b0168cba090522bbb0c3f6be72271dc6efea8b2e998d7372639cb2e

Request headers

Referer: https://2ip.ru/
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-166d4"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 91860
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 config.js Show response
2ip.ru/js/v2/consent/ 8 KB
3 KB 32ms
30ms Script
application/javascript 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/js/v2/consent/config.js
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 0ece3abc9e8876ad84d0731adceb25f640a553b300352c91aad1e7796a5d6dfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 12:18:48 GMT
server: nginx
etag: W/"64a802a8-1e17"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 klaro.js Show response
2ip.ru/js/v2/consent/ 122 KB
43 KB 32ms
30ms Script
application/javascript 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/js/v2/consent/klaro.js
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 68d38e09e808f9afc2618f8eedb2b2a8c431c9f5bc82b892590a85aa3c26d033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 07:22:51 GMT
server: nginx
etag: W/"60c1bdcb-1e9bd"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 all-min-v2.js Show response
2ip.ru/js/ 42 KB
14 KB 13ms
12ms Script
application/javascript 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/js/all-min-v2.js?v=1.160
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: c7e4d7e19f77cfc3f6b05d673d2de9ce37b04da3261a693c26913373587cabb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 10:45:36 GMT
server: nginx
etag: W/"642ea2d0-a989"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 all-min-v2.css
2ip.ru/css/ 178 KB
38 KB 15ms
14ms Stylesheet
text/css 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 975db7fb712510b48ec0118ab5ebb1927ef8a9c28acacaf1fbba41cef556cb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 09:29:19 GMT
server: nginx
etag: W/"651bdeef-2c9ff"
content-type: text/css
cache-control: max-age=31536000, public
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 120ms
85ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 2ip.ru
URL: https://2ip.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6878fa15cbc798642b64f319869f518c51de8acb26dbb22c7892da1ce2abfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52389
x-xss-protection: 0
server: cafe
etag: 18271328792305706197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:11 GMT

GET
H2 200 logo.svg
2ip.ru/img/icon/ 1 KB
1 KB 11ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/logo.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 582094756eadd88587570203f957f6d72916030ac4bf378b505c432938a3e9fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-471"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1137
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 generator.gif
2ip.ru/images/ 2 KB
2 KB 12ms
11ms Image
image/gif 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/images/generator.gif
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 72210562a956bd136c926c2032ca06cdf6d022c371585f5a0e1c73e860669f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Wed, 10 Feb 2010 09:27:41 GMT
server: nginx
etag: "4b727c0d-6ab"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1707
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 345-66.png
2ip.ru/banners/ 133 KB
134 KB 32ms
31ms Image
image/png 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/banners/345-66.png
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 058b527c4e9fc71a0fc6c0cf9ef916fb224de6a45663748359ca51604c50fdd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Sat, 09 Sep 2023 08:15:17 GMT
server: nginx
etag: "64fc2995-21513"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 136467
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 speed-2017.min.js Show response
2ip.ru/js/ 36 KB
13 KB 32ms
31ms Script
application/javascript 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/js/speed-2017.min.js?v=1.2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 41b2fdfb870510466d3aa7c4bb958fc8b733aa755332f6c0ff94d3c2ac79680a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 12:01:09 GMT
server: nginx
etag: W/"647dce85-9048"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Nov 2024 15:07:11 GMT

OPTIONS
H2 200 /
ipv6.2ip.io/ Frame 0
0 55ms
11ms Preflight
text/plain 2a01:4f8:231:4097::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.2ip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:231:4097::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://2ip.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/plain
date: Thu, 09 Nov 2023 15:07:11 GMT
server: nginx

GET
H2 200 / Show response
ipv6.2ip.io/ 25 B
243 B 17ms
17ms XHR
text/plain 2a01:4f8:231:4097::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.2ip.io/
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:231:4097::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: af31546d9c69c97584c3d79564ab3bc94374e040144d53af2d7a15b4b9195b5e

Request headers

Referer: https://2ip.ru/
X-REQUESTED-WITH: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS
content-type: text/plain

GET
H2 200 24.svg
2ip.ru/img/icon/ 568 B
776 B 13ms
12ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/24.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6a303be2b3daefb9259dd2135cc479b19e518140e7d75c6094aae80c0a24a9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-238"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 568
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 favbefo-active.svg
2ip.ru/img/icon/ 315 B
523 B 13ms
12ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/favbefo-active.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: af47836bf549fe0f156282be60ea580edb1ae37698a94a8380312fd428744bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-13b"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 315
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 history.svg
2ip.ru/img/icon/ 380 B
588 B 13ms
13ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/history.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 3257829b211f07df85f00b727d4fcd3a7a7e3297e302f2f8abe62f3b916e8a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-17c"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 380
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 link23.svg
2ip.ru/svg/ 414 B
623 B 12ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/svg/link23.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 96d31d5d8e3f80bbc9384d0668a5d42756b585d44e5c14bd2c2f928f4a131102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Mon, 20 Feb 2023 14:19:41 GMT
server: nginx
etag: "63f3817d-19e"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 414
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 x-eye.svg
2ip.ru/svg/ 837 B
1 KB 12ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/svg/x-eye.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: fe454522b02eca094f6174c4bf08d87b7468394614082b24813585b4c4ccc010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Fri, 26 May 2023 10:42:44 GMT
server: nginx
etag: "64708d24-345"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 837
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 de.svg
2ip.ru/img/flags/4x3/ 213 B
421 B 12ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/flags/4x3/de.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-d5"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 213
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 260897_icon.png
2ip.ru/isp_logos/ 4 KB
4 KB 12ms
12ms Image
image/png 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/isp_logos/260897_icon.png
Requested by: Host: 2ip.ru
URL: https://2ip.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 60b1cca165909ee9c26b56a79e074b81f0bf98d0341d3b14a9e200f4aad2f862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Fri, 04 Dec 2020 07:11:13 GMT
server: nginx
etag: "5fc9e111-e36"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3638
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 btn-row-active.svg
2ip.ru/img/icon/ 153 B
361 B 12ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/btn-row-active.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6782547c6379d97823f761108c3d6a1a7da4b69764f1def75b8c747b30201290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-99"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 153
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 btn-column.svg
2ip.ru/img/icon/ 154 B
362 B 12ms
12ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/btn-column.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 20de87fe2216465da05d4f62cba8a1806fa6085da854fbe89a4217ead508d7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-9a"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 154
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 krot.svg
2ip.ru/img/icon/ 550 B
758 B 12ms
12ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/krot.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e0e7195f0592d35dae4bc118951afd1b2df7b05b87763216c8c7f7f6fc5cbd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-226"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 550
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 search.svg
2ip.ru/img/icon/ 548 B
756 B 13ms
12ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/search.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 7931df7e276fa968b9ead241c6f307cfd0607387e10359d1471cfed75aeb3ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-224"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 548
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 rknd@3x.jpg
2ip.ru/img/v2/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/v2/rknd@3x.jpg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 5014648b137a5101bd6480f273afe06fc8140bb0afba4c950fbbfce0e7b4dcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-127a"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4730
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 top.svg
2ip.ru/img/icon/ 321 B
529 B 11ms
11ms Image
image/svg+xml 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2ip.ru/img/icon/top.svg
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 4f49872ada63cc913787e9129793300a20f655a67bd04b08a12b949795af83fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-141"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 321
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 Raleway-Black.woff2
2ip.ru/fonts/raleway/ 48 KB
48 KB 11ms
11ms Font
application/octet-stream 195.201.201.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2ip.ru/fonts/raleway/Raleway-Black.woff2
Requested by: Host: 2ip.ru
URL: https://2ip.ru/css/all-min-v2.css?v=1.98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.201.35 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.201.201.195.clients.your-server.de
Software: nginx /
Resource Hash: dfff71daeffe209f7fe5206f6c3f6f0cdb570535955e5c0d5acc0c6735bfaf18

Request headers

Referer: https://2ip.ru/css/all-min-v2.css?v=1.98
Origin: https://2ip.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Nov 2023 15:07:11 GMT
last-modified: Tue, 26 May 2020 08:51:33 GMT
server: nginx
etag: "5eccd895-bfec"
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 49132
expires: Fri, 08 Nov 2024 15:07:11 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5433854045166583&plah=2ip.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d61134000bcc43025bfd6894e3a198440c82df3e3845059e9cf321e7c3c6ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138482
x-xss-protection: 0
server: cafe
etag: 11627393571502511191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 3ACF 9 KB
4 KB 49ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 11:37:17 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 11:37:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE3C 210 KB
56 KB 344ms
342ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&adk=1812271804&adf=3025194257&lmt=1699542431&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F2ip.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431614&bpp=3&bdt=238&idt=203&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1605828524370&frm=20&pv=2&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=222

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5433854045166583&plah=2ip.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d16649e54ccf128e53e1c9223d4cb95d305c9179083b6dd1f7c38e587db9b272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:12 GMT
expires: Thu, 09 Nov 2023 15:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=consent__notice&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: 2ip.ru
URL: https://2ip.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 15:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=consent__notice&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 2ip.ru
URL: https://2ip.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 15:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6644 138 KB
44 KB 665ms
665ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=280&slotname=7508478564&adk=382923868&adf=3113743974&pi=t.ma~as.7508478564&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=1&format=1200x280&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431617&bpp=1&bdt=241&idt=223&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=227

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d92fdb72237e8592d9d77fe7de93c441fa458bcf62fb9253c3fc51214b8fd5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44575
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:12 GMT
expires: Thu, 09 Nov 2023 15:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 386E 44 KB
15 KB 499ms
499ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=90&slotname=4885479069&adk=3521678509&adf=1588894327&pi=t.ma~as.4885479069&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=2&format=1200x90&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431618&bpp=1&bdt=242&idt=229&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79dc953e79df57c0b5a1a5c9f498cd4f0cf0ec326c01ecb40611b8789ff28f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15429
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:12 GMT
expires: Thu, 09 Nov 2023 15:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcb27378f3a6aaed99f68ca8bc81cc083561aba44bbf878da18372afab044b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55821
x-xss-protection: 0
server: cafe
etag: 1683054841143277588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BE59 42 KB
16 KB 105ms
36ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUz1nwAOkHwIuNwiAATVghHJkNNEXO9nABMryg&u=%7CI07o04aWhjH5pGUn1oFLVNdSgPxe4JDOGzy%2BWkcv%2BvY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD_fvf_kzuoKBljIUMj5jZ0pxzPqU4_vdStjaaskIH7jX-yP9qYg7M72sLVBH9FeixaeAuyBMZO1Ucf6PR2fA7sW1AZmQmBDkl6uBi565swRx9ZhlkFk0XlqQDi8776TkPp4cE_D2eDuQM9VKc0h5vVn6QaJUS6Bs7WIGU71e9M5BAnBH2H67w5bIXoCjqj-TWC9v35snau7cflvH0WLe41SrlNH-gj49h-kNUH_NdIinNZbY5YxLDFlTE-icpcaB2YPpW2rOtMx8gz4bNkJQPkQFQCLB0kPC7pduMnOWPSJgkxIGykZhhr7KC2KKvJ6PjVJ_Pq-Bu_LYPAePtvNjcLl9IJ3k-khlFmHOXfzVr1neXaU9pz9IVzNdr1ehkXCQLYqSGarph025zvb7_TGzITPZcpRFaTsBdFzu0d1nRVMZOBlk8ZmXFh9lrd0SEqTYgtNBZE6jQKhjzXRXJUj4RzSxHzotHb0DPZa4AMKcHiZ4gijh09F2GAyq_wChETKNKer7r08-3c-Yf79AaC20HIOgVEPmaP1baoSyYBzfIkdqfBXk77qQkhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3PHn_VMZfygOqK44_UPgquTkA3JntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTU0MzM4NTQwNDUxNjY1ODPIAQmpAkUoK1Rb7rE-qAMByAMCqgS7AU_Q1VjT5yCA7PKe2_X2tC6ifD0aOmYvTTlTtTqgGnqbwsnXM_NktMR2j-LBkOkPdeoq8gZCxkHIDzYLmTdzjagVQtRl-_S_D5kIheFxxz6eo7lubcs7s--Rplx31prkrLfRD5S5Dq1XAPSpLq3a3Hs8TzhYrmamR0G4X19cmETtOZLe-u0QWxNLqN6KpG7fVFUznqgNcEjJSWx4Yf4Vo7Iy9fHbZbvhN-lR4XRjQe-zvb3erCQwfTC605WABuf6uvXvuO79eqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QVpLFxl4ye22SPnOweq-PJtOYTg%26client%3Dca-pub-5433854045166583%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=90&slotname=4885479069&adk=3521678509&adf=1588894327&pi=t.ma~as.4885479069&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=2&format=1200x90&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431618&bpp=1&bdt=242&idt=229&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e91711120c34e29a00024948123332a16bc90611601cd565ec1e0b3b5b3c04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dxCofSvs_wSCdya3QGxzHYGmZbIo-Y9XVW5gmKfAf3c3NvVFYMdyLRngdcrb7RRn85UMLMY_pBOOA_agmR79k6d_s52AFqlXpFNH5SGJQbUKCo6yg25v3BWaXUN961PKRqf72-ra5NO9QG0PVvj3KiHRbYVV-wR5zYJZh7Ko0kQtkIcI51G7I8jWRWg7sDOuN3ObyBug5uxcXwErtsjBDxwnzuaTz-XyaNQUlCsaduWZuVQnvHEXLEBtoi253tB1qZTlhg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3066397
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 810E 3 KB
1 KB 102ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 810E 20 KB
9 KB 94ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 810E 190 KB
60 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 4E3F 9 KB
4 KB 61ms
43ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 09:36:38 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 09:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 810E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16b3614ffb0279ff2e6dbb0dd5de7f016ab9ea13914c786d1c7493172751b472

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 810E 0
23 B 82ms
81ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch9-5n_VMZfygOqK44_UPgquTkA3JntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTU0MzM4NTQwNDUxNjY1ODPIAQmpAkUoK1Rb7rE-qAMByAMCqgS4AU_Q1VjT5yCA7PKe2_X2tC6ifD0aOmYvTTlTtTqgGnqbwsnXM_NktMR2j-LBkOkPdeoq8gZCxkHIDzYLmTdzjagVQtRl-_S_D5kIheFxxz6eo7lubcs7s--Rplx31prkrLfRD5S5Dq1XAPSpLq3a3Hs8TzhYrmamR0G4X19cmETtOZLe-u0QWxNLqN6KpG7fVFUz3Kos4shamVHesdnPL5LbUf_8bw3rGfHTVbxe5x0Mo5HGNO6kXdmABuf6uvXvuO79eqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NDMzODU0MDQ1MTY2NTgzGAA&sigh=Fgc8KMdI_SM&uach_m=[UACH]&cid=CAQSTwDICaaNHXEi-WMiW_UZvyNa55ExgqW92WDKLXj2ZzcddXGMNXFT0yRxmm7t8Ww2nOjRTd_Rz_9NJEA-F5TYb5hJeQlD7qHBf7n90VOAzykYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=90&slotname=4885479069&adk=3521678509&adf=1588894327&pi=t.ma~as.4885479069&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=2&format=1200x90&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431618&bpp=1&bdt=242&idt=229&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 15:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 810E 0
126 B 135ms
21ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOzwB96BMNgFWp2DYgICAAAA1H_WWybpMtEQn_VMZcabUC5kW04gbMoAABIAAAoKQVFVQkR3RUJEdw&wp=ZUz1nwAOkHwIuNwiAATVghHJkNNEXO9nABMryg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 176381
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BE59 2 KB
1 KB 88ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUz1nwAOkHwIuNwiAATVghHJkNNEXO9nABMryg&u=%7CI07o04aWhjH5pGUn1oFLVNdSgPxe4JDOGzy%2BWkcv%2BvY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD_fvf_kzuoKBljIUMj5jZ0pxzPqU4_vdStjaaskIH7jX-yP9qYg7M72sLVBH9FeixaeAuyBMZO1Ucf6PR2fA7sW1AZmQmBDkl6uBi565swRx9ZhlkFk0XlqQDi8776TkPp4cE_D2eDuQM9VKc0h5vVn6QaJUS6Bs7WIGU71e9M5BAnBH2H67w5bIXoCjqj-TWC9v35snau7cflvH0WLe41SrlNH-gj49h-kNUH_NdIinNZbY5YxLDFlTE-icpcaB2YPpW2rOtMx8gz4bNkJQPkQFQCLB0kPC7pduMnOWPSJgkxIGykZhhr7KC2KKvJ6PjVJ_Pq-Bu_LYPAePtvNjcLl9IJ3k-khlFmHOXfzVr1neXaU9pz9IVzNdr1ehkXCQLYqSGarph025zvb7_TGzITPZcpRFaTsBdFzu0d1nRVMZOBlk8ZmXFh9lrd0SEqTYgtNBZE6jQKhjzXRXJUj4RzSxHzotHb0DPZa4AMKcHiZ4gijh09F2GAyq_wChETKNKer7r08-3c-Yf79AaC20HIOgVEPmaP1baoSyYBzfIkdqfBXk77qQkhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3PHn_VMZfygOqK44_UPgquTkA3JntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTU0MzM4NTQwNDUxNjY1ODPIAQmpAkUoK1Rb7rE-qAMByAMCqgS7AU_Q1VjT5yCA7PKe2_X2tC6ifD0aOmYvTTlTtTqgGnqbwsnXM_NktMR2j-LBkOkPdeoq8gZCxkHIDzYLmTdzjagVQtRl-_S_D5kIheFxxz6eo7lubcs7s--Rplx31prkrLfRD5S5Dq1XAPSpLq3a3Hs8TzhYrmamR0G4X19cmETtOZLe-u0QWxNLqN6KpG7fVFUznqgNcEjJSWx4Yf4Vo7Iy9fHbZbvhN-lR4XRjQe-zvb3erCQwfTC605WABuf6uvXvuO79eqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QVpLFxl4ye22SPnOweq-PJtOYTg%26client%3Dca-pub-5433854045166583%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BE59 2 KB
1 KB 88ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BE59 308 B
636 B 81ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BE59 293 B
621 B 80ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BE59 43 B
348 B 118ms
19ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=K_GFTUwUuUv1uJncv82Jnfhrz9E_XM4JgRz-nD5_9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps5P6R0XV3alUt1VPWDG-eeDrBhjKfVEsaOnzrz1zQdG5dS6rfdKhjcF5fT7q2WN5fYu1UdDRuJQwzuaKFIYXnDFRq6694TUFNSQ8WF7RwIOzK0nciG9y67Un1GPwpeUS9yeDVC5K52SIgHDZYybBA63EAKBhOW1L2maSl2tMxmXio4R-HOUkJJ-zVwO7q7-ZxOpYfYFNRWZGOR4l-WmblbAX-QO-orfWA4_2U3IXVuXNLnuTfJNGfPZ4yh7MgiLggApnaBc4glRwUGe4QVKazis

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1835405
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6644 14 KB
2 KB 126ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=280&slotname=7508478564&adk=382923868&adf=3113743974&pi=t.ma~as.7508478564&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=1&format=1200x280&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431617&bpp=1&bdt=241&idt=223&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 14:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 6644 2 KB
875 B 21ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 6644 23 KB
9 KB 52ms
3ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 6644 3 KB
1 KB 64ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 6644 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6644 190 KB
60 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 6644 37 KB
16 KB 112ms
16ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:36:35 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame B6D0 5 KB
2 KB 115ms
18ms Document
text/html 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4285905&gdpr=1&&ts=1699542431&kid=6122634&bid=18731171&wpt=H&kw=[criteo_kid]129132&clickurl=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E_XM4JgRz-nD5_9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH-2zW9FkZO_3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu-Qz7PgNV_tAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE_v0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf-ss6GLeMJpHzLSswb_ZO18ej1Roih8c3b7-z4hLVLv5QW6no-%26maxdest%3D
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUz1nwAOkHwIuNwiAATVghHJkNNEXO9nABMryg&u=%7CI07o04aWhjH5pGUn1oFLVNdSgPxe4JDOGzy%2BWkcv%2BvY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD_fvf_kzuoKBljIUMj5jZ0pxzPqU4_vdStjaaskIH7jX-yP9qYg7M72sLVBH9FeixaeAuyBMZO1Ucf6PR2fA7sW1AZmQmBDkl6uBi565swRx9ZhlkFk0XlqQDi8776TkPp4cE_D2eDuQM9VKc0h5vVn6QaJUS6Bs7WIGU71e9M5BAnBH2H67w5bIXoCjqj-TWC9v35snau7cflvH0WLe41SrlNH-gj49h-kNUH_NdIinNZbY5YxLDFlTE-icpcaB2YPpW2rOtMx8gz4bNkJQPkQFQCLB0kPC7pduMnOWPSJgkxIGykZhhr7KC2KKvJ6PjVJ_Pq-Bu_LYPAePtvNjcLl9IJ3k-khlFmHOXfzVr1neXaU9pz9IVzNdr1ehkXCQLYqSGarph025zvb7_TGzITPZcpRFaTsBdFzu0d1nRVMZOBlk8ZmXFh9lrd0SEqTYgtNBZE6jQKhjzXRXJUj4RzSxHzotHb0DPZa4AMKcHiZ4gijh09F2GAyq_wChETKNKer7r08-3c-Yf79AaC20HIOgVEPmaP1baoSyYBzfIkdqfBXk77qQkhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3PHn_VMZfygOqK44_UPgquTkA3JntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTU0MzM4NTQwNDUxNjY1ODPIAQmpAkUoK1Rb7rE-qAMByAMCqgS7AU_Q1VjT5yCA7PKe2_X2tC6ifD0aOmYvTTlTtTqgGnqbwsnXM_NktMR2j-LBkOkPdeoq8gZCxkHIDzYLmTdzjagVQtRl-_S_D5kIheFxxz6eo7lubcs7s--Rplx31prkrLfRD5S5Dq1XAPSpLq3a3Hs8TzhYrmamR0G4X19cmETtOZLe-u0QWxNLqN6KpG7fVFUznqgNcEjJSWx4Yf4Vo7Iy9fHbZbvhN-lR4XRjQe-zvb3erCQwfTC605WABuf6uvXvuO79eqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QVpLFxl4ye22SPnOweq-PJtOYTg%26client%3Dca-pub-5433854045166583%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 6f291319dbf4b4b4fd0e653ff97b7baebd68b1f885992991f6b40121e57c5784

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 09 Nov 2023 16:07:12 +0100
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
server: ADITIONSERVER v1.0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4989826582257633222/ Frame 6644 34 KB
35 KB 58ms
17ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4989826582257633222/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f7a79a4aacb2e98de00eb35baa03948e0c78c7b38124994b435d5029d2bc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:52:23 GMT
x-content-type-options: nosniff
age: 22489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35209
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 08:40:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Nov 2024 08:52:23 GMT

GET
DATA 200
OK truncated
/ Frame 6644 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6644 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 all
csm.eu.criteo.net/ Frame BE59 0
128 B 67ms
17ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dxCofSvs_wSCdya3QGxzHYGmZbIo-Y9XVW5gmKfAf3c3NvVFYMdyLRngdcrb7RRn85UMLMY_pBOOA_agmR79k6d_s52AFqlXpFNH5SGJQbUKCo6yg25v3BWaXUN961PKRqf72-ra5NO9QG0PVvj3KiHRbYVV-wR5zYJZh7Ko0kQtkIcI51G7I8jWRWg7sDOuN3ObyBug5uxcXwErtsjBDxwnzuaTz-XyaNQUlCsaduWZuVQnvHEXLEBtoi253tB1qZTlhg&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BE59 2 KB
1 KB 30ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BE59 2 KB
1 KB 27ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:07:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E3F 4 KB
745 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 13:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E3F 205 B
294 B 23ms
21ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 13:40:18 GMT
x-content-type-options: nosniff
age: 5214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 13:40:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E3F 604 B
919 B 22ms
21ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 5794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 13:30:38 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4E3F 15 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 22:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
server: cafe
etag: 18125926408851158271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:17:48 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4E3F 21 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:14:57 GMT

GET
DATA 200
OK truncated
/ Frame 6644 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e23ce7243cd04dfd12e041e4892bfb8efe76aebd3cddd487a138f4bace67a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6644 33 KB
34 KB 123ms
28ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 194274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Nov 2024 09:09:18 GMT

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/268/01/1d/d0/a3/ Frame 0686 5 KB
1 KB 142ms
59ms Document
text/html 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=4285905&gdpr=1&&ts=1699542431&kid=6122634&bid=18731171&wpt=H&kw=[criteo_kid]129132&clickurl=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E_XM4JgRz-nD5_9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH-2zW9FkZO_3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu-Qz7PgNV_tAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE_v0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf-ss6GLeMJpHzLSswb_ZO18ej1Roih8c3b7-z4hLVLv5QW6no-%26maxdest%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fbcbe12abb1688a1fecca6b1ac123982f9efd030889f6d2d18d057f4fbb3a05e

Request headers

Referer: https://ad2.adfarm1.adition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 988
content-type: text/html
date: Thu, 09 Nov 2023 15:07:12 GMT
etag: "421426765-br"
last-modified: Tue, 07 Nov 2023 14:02:04 GMT
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 7093 14 KB
1 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 13:37:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7093 2 KB
822 B 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 7093 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E06 143 B
166 B 27ms
23ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:34:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7093 3 KB
1 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 10:02:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7093 20 KB
8 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7093 190 KB
60 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:07:12 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 7093 37 KB
15 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:36:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
33ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:13 GMT
expires: Thu, 09 Nov 2023 15:07:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6644
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnsQ7n_VMZeiyNa-WwuIPl8-HuAqN0JGMdLqwuquNEmQQASD83ZwDYJWCgICwB6AB3Jrc-wHIAQmpAqpQfoDC87E-qAMByAPLBKoExQFP0LJuVpwkkZ9l27rKkEcgHQqdUZcfJ6e8aO4zulx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222202725770950318144%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22...

0
0

89ms
50ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222202725770950318144%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22527895900%22],%224%22:[%2211-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226305818221175796945%22}&andc=true

Requested by

Host: 2ip.ru
URL: https://2ip.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2202725770950318144","debug_reporting":true,"destination":"https://checkcars24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["527895900"],"4":["11-09"],"6":["true"]},"priority":"500","source_event_id":"6305818221175796945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Nov 2023 15:07:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 15:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2202725770950318144","debug_reporting":true,"destination":"https://checkcars24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["527895900"],"4":["11-09"],"6":["true"]},"priority":"500","source_event_id":"6305818221175796945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9771 50 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 19:23:27 GMT

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 0686 753 B
424 B 37ms
34ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 stylesheet.min.css
imagesrv.adition.com/banners/268/01/1d/d0/a3/css/ Frame 0686 7 KB
2 KB 36ms
33ms Stylesheet
text/css 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/css/stylesheet.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 9bad5a01bfb2d70482b687f738b8d55d6f061d8b707ad28f1cb24b40e09f59e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:12 GMT
content-encoding: br
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
etag: "2335076925-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1598

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame 0686 61 KB
22 KB 55ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 683138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22334
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "605c4223-f455"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWFnJbFal1pAHz0JphFTMASgC%2FbQkfLs2BzdBUmF47Q6LT4NtTGtcnOCt5gS5jUNwC28vDc8PjEMLGuo9I%2BA%2FRqJSu%2BHSNrfMMk0v7ChydrjeneCDbCDOV3n2yLvsiqGqnBEv%2BJUBA2K2%2FjnmiQzoZqZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8236f6ce3ff79064-FRA
expires: Tue, 29 Oct 2024 15:07:12 GMT

GET
H2 200 bg_1.jpg
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 23 KB
23 KB 48ms
46ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/bg_1.jpg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: f76e97627c4cfb8f8c39e04a13d9f330bd6296b685c4d7d1ca9930b38c8247ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:12 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "1595929077"
content-length: 23855
content-type: image/jpeg

GET
H2 200 m_1.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 20 KB
20 KB 50ms
48ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/m_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 038b3bd47ada8018a197458af3e9c3f8a7322465a6dc92fc24da2c082ff31a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:12 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "2010854501"
content-length: 20207
content-type: image/png

GET
H2 200 txt_1_1.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 1 KB
1 KB 28ms
14ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_1_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: d4839c4818f313a14f736892ebd4c42136e6c32ccbf59696d6fb4340d49df8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 11:00:09 GMT
accept-ranges: bytes
etag: "2911419533"
content-length: 1315
content-type: image/png

GET
H2 200 txt_1_2.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 3 KB
3 KB 28ms
15ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_1_2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4424d71cc3e975558378cccb14c7812bd5eac822e145edabac4ecdd99023b668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 11:00:09 GMT
accept-ranges: bytes
etag: "1699429247"
content-length: 3071
content-type: image/png

GET
H2 200 txt_1_3.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 4 KB
4 KB 31ms
29ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_1_3.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6c30d75ad4b8993cc23e8e9ecee5656e05f99316aafd8ff6ea0cc62c192c25f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 11:00:09 GMT
accept-ranges: bytes
etag: "256769394"
content-length: 4157
content-type: image/png

GET
H2 200 txt_2_1.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 2 KB
2 KB 39ms
14ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_2_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 20136402934c397d63c03912510d1d6bf4041295237cc9553dfe048113b38f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 10:38:42 GMT
accept-ranges: bytes
etag: "3371427633"
content-length: 2442
content-type: image/png

GET
H2 200 txt_2_2.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 2 KB
2 KB 40ms
15ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_2_2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7fbfdfb7ee059e312d88ac9b2b33d52ab3de0d4441f764a97421ee41684154b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 10:38:42 GMT
accept-ranges: bytes
etag: "2118672681"
content-length: 1821
content-type: image/png

GET
H2 200 txt_2_3.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 1 KB
1 KB 38ms
13ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/txt_2_3.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: d1506068cb267142b10dd6182f9c401979c8f0d8526da06870ccfa3fe02b2a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 06 Nov 2023 10:38:42 GMT
accept-ranges: bytes
etag: "3747651836"
content-length: 1248
content-type: image/png

GET
H2 200 cta__bg.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 285 B
337 B 42ms
17ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/cta__bg.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 54f0b27a723ecb93512f8f1f311cfaba2d469227a68935e3394967c6bc85c89b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "1618539483"
content-length: 285
content-type: image/png

GET
H2 200 cta__txt.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 900 B
951 B 40ms
15ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/cta__txt.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 594ba6116aa117a6e4a1d3ab5d543c1a4b793f31c8b07fcfb32289a1c5f5f6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "3390076610"
content-length: 900
content-type: image/png

GET
H2 200 cursor.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 457 B
509 B 41ms
16ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/cursor.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: d89af053267d4e7fd540efb1644477d56d03bdec78ee6ac865812b562a8fdde9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "1781069596"
content-length: 457
content-type: image/png

GET
H2 200 logo.png
imagesrv.adition.com/banners/268/01/1d/d0/a3/img/ Frame 0686 1 KB
1 KB 42ms
18ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/img/logo.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 37ebf9414a9561684f64f1664123e1e6c4b3ba68cf8d3ed2753f8022c8893cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 15:07:13 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "3272734176"
content-length: 1330
content-type: image/png

GET
H2 200 pvm.min.js Show response
imagesrv.adition.com/banners/268/01/1d/d0/a3/js/ Frame 0686 14 KB
3 KB 28ms
26ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/js/pvm.min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7f71f46273ff97547ecaeb548176b82786aac8660d95b235998a4eee83d3b466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/1d/d0/a3/index.html?clicktag=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DrKQ2fkwUuUv1uJncv82Jnfhrz9E%5FXM4JgRz%2DnD5%5F9a69mklgw6dmqlu3ZzPKs5xzQcezaXBGajbfErMLRaMPcLMxjWIBECXr2wjkuTIGIomyH60PLkTHoEgBbSct41mVoYYfHABBTwQaO4ZZpdtu5lQZps4gb2vL5yigQpiKMLRVmrZMumGJakSlu3O4uP5W6blS2J7kQxfV6jH%2D2zW9FkZO%5F3gQWsI3BBQwW4YuSEXcidkNQIc6Wcd0pSxPI7ACw854sbu%2DQz7PgNV%5FtAODipy1DDcBSKXNVRdWt6PEU63qYA1zyXfkeW6vKCpT7UE8ONyckWIWk884YQ2XXtkyYyE%5Fv0bQ4cEDSM6r3IL1KbCUx5bGBpv0Hxp3czhmVsf%2Dss6GLeMJpHzLSswb%5FZO18ej1Roih8c3b7%2Dz4hLVLv5QW6no%2D%26maxdest%3Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299479163623048405%2526gdpr%253D1%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299479163622982869%2526sid%253D4285905%2526kid%253D6122634%2526bid%253D18731171%2526c%253D58236%2526keyword%253D%25255Bcriteo%25255Fkid%25255D129132%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=1&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
content-encoding: br
last-modified: Mon, 06 Nov 2023 10:53:51 GMT
etag: "1399344119-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2790

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 110ms
48ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 15:07:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E56 50 KB
19 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Host: 2ip.ru
URL: https://2ip.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 19:23:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 103ms
67ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdfe287d22822c83b4271b14cc618c31f5040b1efa932a164cd6b67922c4900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12130
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 15:07:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 764C 13 KB
5 KB 23ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 12:04:24 GMT
expires: Fri, 08 Nov 2024 12:04:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C818 829 B
998 B 33ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae845d2f373eed5e1a28e6148b53d0ec40bd157eae8865fff9d387208660442f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8wK5Fx3tlacpGPyBhNxz2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2ip.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8wK5Fx3tlacpGPyBhNxz2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 15:07:13 GMT
expires: Thu, 09 Nov 2023 15:07:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 764C 38 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C818 0
0 49ms
48ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=579671908671304&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 764C 0
10 B 16ms
16ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p-DL7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:07:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6644 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRKNKGPawJwxWmh43LI414Ha8V4bR3QfFhkcKyrCuPFOg4JSV_DDeCmP6VjV9J_bqwbjz5voh4kZVePLBNgm7ePi8aj9oVX_OawJxp0CGNE9So6822e3zdV5p4GLG5SLvlW3TBxFFgoYxD&sai=AMfl-YRWQY6NmLm02z0X7Z71nvNbHRlY2wXKmNqRoIt9GYKU_4lPB3-8piZkwm1QBBuGCGG9SZKuy_cnCKod2KjaBG3Cof-RJzHv-JBlgO1_qRMcW4DhqQyx4uAEc6if9jPbG8YZO7qtUrVX6rjfsYacBA&sig=Cg0ArKJSzMB4hK0akpqkEAE&cid=CAQSTwDICaaN1OEi6qdOIj7ixjkD8H5uEO3nqogz0-YLBDthnTIBKOyIszQLhpBsLMcVKXN2eMSKTRNW6_tSkSlTUoBcKVVUlPJT56x0EoRYCRoYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=382923868&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699542431845&rpt=1094&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 15:07:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=579671908671304&bg=!5-Sl5KvNAAb4oU7C2KE7ADQBe5WfOEVfDiypL8Q4QmFSB7D4oS-jPApnQkvHIzGrPqTwTnBGbYMWIUja-aTGhg3b6zrKAgAAAFlSAAAADGgBBwoACEAcWNjoFo-ImQKjYKh3L6NdmIjrin3DrYk57EY67wXXL874DXxdS_dDE87_EF36-N4goYOWBaHuz5WO_vHH-SeIeoydX1Bdngze6wXCueAl529UegVAivzZArUMrhEazxDx8f9-IgRidRI9MVEqgLLQl6PMFOPNT5z1rHt32anj1FCyubB8AUBIb0IGFeyHVSflzKYsH9N_ird0LNV-WI7B9tWMA5WEefJXeiST1hw2jK6uQLm5tpsPbKY0yfvX6twg7SzwgQ6GXMIEFlCu6jGWmljFkcla4KPYf4bm-0aRNFAPXe_JHXYpkjq0F8LSJZpsuuwUMCtenrO0nWKJZ0OxyFVHLBcjLYfHLL8rCc8AfYIzkd5V-HCx6H0J2-1l70Vqaq3est9U6fzJBP22fpojy9rGznETeDhBZzkuVRFjy6corznZqfLJ2TxPew3kvsd4pfrNIItUUZcGgja9RgWAMqrY73ACBFd8Go7MZHq1QCEnEIUfmkG8J_k__uAQ6dVw3Sk7vwZnM9XwEe0w6WLVSGOTBnMS0bRTS4cHeAIqVkESPAHdCTW3CtNL6kkuduz1pxKlUH8P1IIGzJRHJPkOFaKFRJQ7P9uv_7Wgp-MGKYoFk2daBZtJPfK2qlzZeWkjHjbDFGSMeXrJdeI-09JFJG5YUgyWBL7Cg1JBSrqfxmt35misJPERIXFI9dhqlUICjEqL0d2I5Q--r7HrYfX2q1BN7wKWb5kLIVtfLEFIBMfk425hTYYbgjgQwIh_SocJvd3cQSV25H5NLu4YEVa8p0L8RoNnYJ3jQnXdoGC8Hqb55_2lDxquKBda0H4h-d2ObcnUgk4acDRqRpAQ4_P9FnaBDeGchrA-_wUPHicCg294sFwf76ltX9NBB3ZWz67vzCQtY7ij6ZYrsJaO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2ip.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2ip.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: d6p7mcf9vvv4ch9a05f5sbik5o
.2ip.ru/	1970-01-20 18:15:18	Name: ipHistory Value: 1699542431%2C2997014918
.2ip.ru/	1970-01-21 01:27:18	Name: __gads Value: ID=dd02135752ac825a:T=1699542431:RT=1699542431:S=ALNI_MbsEdbHJfvy92m885IYA_hbXCEIUg
.2ip.ru/	1970-01-21 01:27:18	Name: __gpi Value: UID=00000cbdb415ee8f:T=1699542431:RT=1699542431:S=ALNI_Mb9FVNQwg72f059gpHOrKqJUP_62A
.doubleclick.net/	1970-01-21 01:27:18	Name: IDE Value: AHWqTUncqNzSRBf2p6cZViFdjf_p2JIwxlewqbMhpM9XA7lhU3osehK-ds3gqJziPsU
.adfarm1.adition.com/	1970-01-20 18:15:18	Name: UserID1 Value: 7299479163622982869
.adfarm1.adition.com/	1970-01-20 16:05:44	Name: lv_6122634 Value: w=4285905\|t=1699542432
.doubleclick.net/	1970-01-20 16:05:46	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:15:18	Name: ar_debug Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://2ip.ru/(Line 303) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://2ip.ru/(Line 307) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5433854045166583&output=html&h=90&slotname=4885479069&adk=3521678509&adf=1588894327&pi=t.ma~as.4885479069&w=1200&fwrn=4&fwrnh=100&lmt=1699542431&rafmt=2&format=1200x90&url=https%3A%2F%2F2ip.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699542431618&bpp=1&bdt=242&idt=229&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1605828524370&frm=20&pv=1&ga_vid=1614540068.1699542432&ga_sid=1699542432&ga_hid=534780872&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079345%2C31079346%2C31079515%2C42531705%2C44807462%2C31078301%2C31079382%2C31079156%2C44806139%2C44808149&oid=2&pvsid=579671908671304&tmod=1582792885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ip.ru
ad2.adfarm1.adition.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imagesrv.adition.com
ipv6.2ip.io
pagead2.googlesyndication.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
178.250.1.6
195.201.201.35
217.79.188.11
217.79.188.21
2606:4700::6811:190e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:830::200a
2a01:4f8:231:4097::1
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
038b3bd47ada8018a197458af3e9c3f8a7322465a6dc92fc24da2c082ff31a9c
03ca748815a2ae2131d523b407e1c83a0450c2b171faa3ff02335484a2f6027b
058b527c4e9fc71a0fc6c0cf9ef916fb224de6a45663748359ca51604c50fdd1
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0da8ca13048726f721e083e458e053d2197e2136bab0e3be66b5cedd9b70e792
0ece3abc9e8876ad84d0731adceb25f640a553b300352c91aad1e7796a5d6dfa
16b3614ffb0279ff2e6dbb0dd5de7f016ab9ea13914c786d1c7493172751b472
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf891fe4848089c5dc2e4051ebb244d8967bc109abdbb0798abda6a51791d84
1e23ce7243cd04dfd12e041e4892bfb8efe76aebd3cddd487a138f4bace67a0b
20136402934c397d63c03912510d1d6bf4041295237cc9553dfe048113b38f88
20de87fe2216465da05d4f62cba8a1806fa6085da854fbe89a4217ead508d7d7
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
23f7a79a4aacb2e98de00eb35baa03948e0c78c7b38124994b435d5029d2bc92
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e91711120c34e29a00024948123332a16bc90611601cd565ec1e0b3b5b3c04c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3257829b211f07df85f00b727d4fcd3a7a7e3297e302f2f8abe62f3b916e8a56
32af198dae805556c3b74bd99133f6acfa1311eadf6ef25bb3cda0a7dbfd7c56
37ebf9414a9561684f64f1664123e1e6c4b3ba68cf8d3ed2753f8022c8893cc2
405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31
41b2fdfb870510466d3aa7c4bb958fc8b733aa755332f6c0ff94d3c2ac79680a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4424d71cc3e975558378cccb14c7812bd5eac822e145edabac4ecdd99023b668
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4bb5fd96f23131b75f6b30a5290dd3613fee190b74438198daaf150ba9b0ea31
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49872ada63cc913787e9129793300a20f655a67bd04b08a12b949795af83fa
5014648b137a5101bd6480f273afe06fc8140bb0afba4c950fbbfce0e7b4dcbb
54f0b27a723ecb93512f8f1f311cfaba2d469227a68935e3394967c6bc85c89b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582094756eadd88587570203f957f6d72916030ac4bf378b505c432938a3e9fe
594ba6116aa117a6e4a1d3ab5d543c1a4b793f31c8b07fcfb32289a1c5f5f6bc
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b1cca165909ee9c26b56a79e074b81f0bf98d0341d3b14a9e200f4aad2f862
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66f53bfb7b0168cba090522bbb0c3f6be72271dc6efea8b2e998d7372639cb2e
6782547c6379d97823f761108c3d6a1a7da4b69764f1def75b8c747b30201290
67ad497d5b6ef1c59e243fbd6ea09901bc94975459fb03e78123c98fbb3d048e
68d38e09e808f9afc2618f8eedb2b2a8c431c9f5bc82b892590a85aa3c26d033
6a303be2b3daefb9259dd2135cc479b19e518140e7d75c6094aae80c0a24a9bc
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6c30d75ad4b8993cc23e8e9ecee5656e05f99316aafd8ff6ea0cc62c192c25f0
6f291319dbf4b4b4fd0e653ff97b7baebd68b1f885992991f6b40121e57c5784
72210562a956bd136c926c2032ca06cdf6d022c371585f5a0e1c73e860669f2b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7931df7e276fa968b9ead241c6f307cfd0607387e10359d1471cfed75aeb3ea8
79dc953e79df57c0b5a1a5c9f498cd4f0cf0ec326c01ecb40611b8789ff28f6c
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7f71f46273ff97547ecaeb548176b82786aac8660d95b235998a4eee83d3b466
7fbfdfb7ee059e312d88ac9b2b33d52ab3de0d4441f764a97421ee41684154b5
8a6f9798437a0a8d7d77cd10600f7c8d941bbfa4288754ac8fc99325577f6636
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8cca48479bc91d350347030e9f4bef73b85a33fe983cc892fdf3540f1b59292b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9bb0055e94b7c7324ea1d58a76caed4f112575528b4442314b466a3ccc69d3
96d31d5d8e3f80bbc9384d0668a5d42756b585d44e5c14bd2c2f928f4a131102
975db7fb712510b48ec0118ab5ebb1927ef8a9c28acacaf1fbba41cef556cb10
9bad5a01bfb2d70482b687f738b8d55d6f061d8b707ad28f1cb24b40e09f59e0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a6878fa15cbc798642b64f319869f518c51de8acb26dbb22c7892da1ce2abfd9
a6cf7f29df5854ef4fc69260ef74a0b7ec4a3527e3263272c0d5ce9ca5f1218a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae845d2f373eed5e1a28e6148b53d0ec40bd157eae8865fff9d387208660442f
af31546d9c69c97584c3d79564ab3bc94374e040144d53af2d7a15b4b9195b5e
af47836bf549fe0f156282be60ea580edb1ae37698a94a8380312fd428744bf8
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c7e4d7e19f77cfc3f6b05d673d2de9ce37b04da3261a693c26913373587cabb3
cec904386a3fabc328a821f7cf28d14c3e7bf48910d24f8558291a4fd9cd4d6c
d1506068cb267142b10dd6182f9c401979c8f0d8526da06870ccfa3fe02b2a3e
d16649e54ccf128e53e1c9223d4cb95d305c9179083b6dd1f7c38e587db9b272
d4839c4818f313a14f736892ebd4c42136e6c32ccbf59696d6fb4340d49df8af
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d89af053267d4e7fd540efb1644477d56d03bdec78ee6ac865812b562a8fdde9
d92fdb72237e8592d9d77fe7de93c441fa458bcf62fb9253c3fc51214b8fd5fd
db773ac258dbcff888047f757d42dc45b1dd26caa4465aa6fb9f988d1a7d1ca4
dcb27378f3a6aaed99f68ca8bc81cc083561aba44bbf878da18372afab044b54
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
dfff71daeffe209f7fe5206f6c3f6f0cdb570535955e5c0d5acc0c6735bfaf18
e0e7195f0592d35dae4bc118951afd1b2df7b05b87763216c8c7f7f6fc5cbd0f
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e2d61134000bcc43025bfd6894e3a198440c82df3e3845059e9cf321e7c3c6ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7472831062520d9f9766130d098a8820b2b538a0033b76aeec660486bb5e05b
f76e97627c4cfb8f8c39e04a13d9f330bd6296b685c4d7d1ca9930b38c8247ff
fbcbe12abb1688a1fecca6b1ac123982f9efd030889f6d2d18d057f4fbb3a05e
fcdfe287d22822c83b4271b14cc618c31f5040b1efa932a164cd6b67922c4900
fe454522b02eca094f6174c4bf08d87b7468394614082b24813585b4c4ccc010

2ip.ru Open in urlscan Pro 195.201.201.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

99 %HTTPS

72 %IPv6

13 Domains

19 Subdomains

19 IPs

3 Countries

2018 kBTransfer

3916 kBSize

9 Cookies

7 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2ip.ru Open in urlscan Pro
195.201.201.35 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

99 %
HTTPS

72 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

2018 kB
Transfer

3916 kB
Size

9
Cookies

116 HTTP transactions
4 data transactions