s3s-it1.net Open in urlscan Pro
91.190.170.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html
Effective URL:
https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Submission: On September 09 via api (September 9th 2021, 10:18:47 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 20 HTTP transactions. The main IP is 91.190.170.12, located in France and belongs to SPLIO-AS, FR. The main domain is s3s-it1.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2021. Valid for: a year.

This is the only time s3s-it1.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	91.190.170.12 91.190.170.12	31688 (SPLIO-AS) (SPLIO-AS)
1	91.190.170.48 91.190.170.48	31688 (SPLIO-AS) (SPLIO-AS)
1 2	142.250.187.198 142.250.187.198	15169 (GOOGLE) (GOOGLE)
9	2606:4700:1::... 2606:4700:1::6813:8647	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:822::2002	15169 (GOOGLE) (GOOGLE)
20	7

4 91.190.170.12 (France) 1 redirects

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr

s3s-it1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.190.170.48 (France)

ASN31688 (SPLIO-AS, FR)
PTR: www.splio4.com

www.splio4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:1::6813:8647 (United States)

ASN13335 (CLOUDFLARENET, US)

file.splio3.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.splio3.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:822::2002 (London, United Kingdom)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	splio3.fr file.splio3.fr cdn.splio3.fr	702 KB
4	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	37 KB
4	s3s-it1.net 1 redirects s3s-it1.net	47 KB
2	doubleclick.net 1 redirects ad.doubleclick.net	10 KB
1	splio4.com www.splio4.com	91 KB
20	5

	Domain	Requested by
8	file.splio3.fr	s3s-it1.net
4	s3s-it1.net	1 redirects s3s-it1.net
2	pagead2.googlesyndication.com	tpc.googlesyndication.com
2	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
2	ad.doubleclick.net	1 redirects s3s-it1.net
1	cdn.splio3.fr	s3s-it1.net
1	www.splio4.com	s3s-it1.net
20	7

This site contains no links.

Subject Issuer	Validity	Valid
s3s.fr Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-05-01`	a year	crt.sh
*.splio4.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-02` - `2021-11-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Frame ID: 14D3F31582DD18C0CA5270B62F9172C5
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2671450FA3BEBB44760039FC30378ED
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html Page URL
https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

90 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

886 kB
Transfer

945 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html Page URL
https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_pre=CM2SjZbV8fICFcwLBgAdddcEcg;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D

Request Chain 12

https://s3s-it1.net/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png HTTP 301
https://cdn.splio3.fr/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 3875231433.html Show response
s3s-it1.net/l2/7TBrBECg611/576657/ 141 B
667 B 152ms
53ms Document
text/html 91.190.170.12
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash: c3138856c1d033bf7d361a3171fefd0c938de212edfa4348b632c5b3ff8756b2

Request headers

Host: s3s-it1.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 09 Sep 2021 10:18:42 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag: noindex,nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: origin, content-type, accept
P3P: policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length: 141
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK Primary Request 3875231433.html Show response
s3s-it1.net/mrx/7TBrBECg6/576657/ 45 KB
46 KB 389ms
340ms Document
text/html 91.190.170.12
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash: 0acf8b3ef0f1f17eead48b4b6c82829cd4ccb8115d228dc407cfe9d7228966fb

Request headers

Host: s3s-it1.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html?
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/l2/7TBrBECg611/576657/3875231433.html?

Response headers

Date: Thu, 09 Sep 2021 10:18:42 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag: noindex,nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: origin, content-type, accept
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK jquery-1.8.0.min.js Show response
www.splio4.com/jquery/js/ 90 KB
91 KB 145ms
25ms Script
application/x-javascript 91.190.170.48
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.splio4.com/jquery/js/jquery-1.8.0.min.js
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.48 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: www.splio4.com
Software: Apache /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 09 Sep 2021 10:18:42 GMT
Last-Modified: Wed, 15 Aug 2012 08:41:26 GMT
Server: Apache
ETag: "8409af-1698b-4c749e4711980"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Content-Length: 92555

GET
H2

200

B24606893.281286143;dc_pre=CM2SjZbV8fICFcwLBgAdddcEcg;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen... Show response
ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treat...
https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_pre=CM2SjZbV8fICFcwLBgAdddcEcg;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_...

11 KB
9 KB

78ms
77ms

Script
text/javascript

142.250.187.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_pre=CM2SjZbV8fICFcwLBgAdddcEcg;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?

Requested by

Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f6.1e100.net

Software

cafe /

Resource Hash

f8081826985ef5394bc857d6838ee18d01121a9feaf7fedf9763372df26f9938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 10:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Sep 2021 10:18:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_pre=CM2SjZbV8fICFcwLBgAdddcEcg;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3875231433.gif
s3s-it1.net/ouv2/7TBrBECg6/576657/ 43 B
568 B 67ms
23ms Image
image/gif 91.190.170.12
SPLIO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3s-it1.net/ouv2/7TBrBECg6/576657/3875231433.gif
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash: a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s3s-it1.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Sep 2021 10:18:43 GMT
Server: Apache
P3P: policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
X-Robots-Tag: noindex,nofollow
Access-Control-Allow-Headers: origin, content-type, accept
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 689c4abb76fddbce11a72a10f52e20600e351484.jpg
file.splio3.fr/ckimg/2021/08/06/atahotels/ 311 KB
312 KB 65ms
22ms Image
image/jpeg 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/ckimg/2021/08/06/atahotels/689c4abb76fddbce11a72a10f52e20600e351484.jpg
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5549c0e4ac2b71f36cb0749b2c91dfa8f553ccb35ed3f4a6a88a938ab91b914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: HIT
age: 933
x-cache-status: HIT
content-length: 318792
x-robots-tag: noindex,nofollow
last-modified: Mon, 06 Sep 2021 09:36:21 GMT
server: cloudflare
etag: "6135e115-4dd48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Sep 2021 14:18:43 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937af65b8c-FRA
cf-bgj: h2pri

GET
H2 200 8a42596b0a76859b46d5fe3287ca943f442dc3ea.jpg
file.splio3.fr/ckimg/2021/08/06/atahotels/ 130 KB
130 KB 62ms
22ms Image
image/jpeg 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/ckimg/2021/08/06/atahotels/8a42596b0a76859b46d5fe3287ca943f442dc3ea.jpg
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8dd568fbbf475a5221e03949acf745181555d3bec38a6b24d72c300bb44b38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: HIT
age: 933
x-cache-status: HIT
content-length: 133154
x-robots-tag: noindex,nofollow
last-modified: Mon, 06 Sep 2021 09:37:15 GMT
server: cloudflare
etag: "6135e14b-20822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Sep 2021 14:18:43 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937af85b8c-FRA
cf-bgj: h2pri

GET
H2 200 4bbd61e911c44728c2ed0fd735821e0523998a94.png
file.splio3.fr/ckimg/2021/08/06/atahotels/ 110 KB
110 KB 46ms
15ms Image
image/png 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/ckimg/2021/08/06/atahotels/4bbd61e911c44728c2ed0fd735821e0523998a94.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856ddd88b0c12fa40a5274721d2de28227b82cde6403ada41b3ba57d01d2167b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: HIT
age: 932
x-cache-status: HIT
content-length: 112192
x-robots-tag: noindex,nofollow
last-modified: Mon, 06 Sep 2021 09:43:25 GMT
server: cloudflare
etag: "6135e2bd-1b640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937af95b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

GET
H2 200 31c4c3d352af50d75d08cb7acd774e7f87450401.jpg
file.splio3.fr/ckimg/2021/08/06/atahotels/ 135 KB
136 KB 53ms
22ms Image
image/jpeg 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/ckimg/2021/08/06/atahotels/31c4c3d352af50d75d08cb7acd774e7f87450401.jpg
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341146cf0ca430d90375d243b9e972a94876ed14d9d0cec678bf3f1c772380cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: HIT
age: 932
x-cache-status: HIT
content-length: 138738
x-robots-tag: noindex,nofollow
last-modified: Mon, 06 Sep 2021 09:38:54 GMT
server: cloudflare
etag: "6135e1ae-21df2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Sep 2021 14:18:43 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937afb5b8c-FRA
cf-bgj: h2pri

GET
H2 200 ico-facebook.png
file.splio3.fr/72q/LH/3Mun/ 1 KB
1 KB 106ms
76ms Image
image/png 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/72q/LH/3Mun/ico-facebook.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd15f0d5846ec5769823050b3f78a4c534793a9dc8164f6c97974c791e58a61a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: MISS
x-cache-status: HIT
content-length: 1146
x-robots-tag: noindex,nofollow
last-modified: Tue, 23 Oct 2018 12:25:30 GMT
server: cloudflare
etag: "5bcf133a-47a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937afc5b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

GET
H2 200 ico-twitter.png
file.splio3.fr/72q/LH/3Mun/ 1 KB
1 KB 107ms
76ms Image
image/png 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/72q/LH/3Mun/ico-twitter.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6ca545e9f8d9b566cb28c4bf16310c72b60142719550426b9569ea42bc6d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: MISS
x-cache-status: HIT
content-length: 1357
x-robots-tag: noindex,nofollow
last-modified: Tue, 23 Oct 2018 12:25:30 GMT
server: cloudflare
etag: "5bcf133a-54d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac937afd5b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

GET
H2 200 ico-instagram.png
file.splio3.fr/72q/LH/3Mun/ 1 KB
2 KB 71ms
71ms Image
image/png 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/72q/LH/3Mun/ico-instagram.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d865ac29fc2914457edbe1bcd060929bc35ac997ddb4b3364c806614fc8791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: MISS
x-cache-status: HIT
content-length: 1481
x-robots-tag: noindex,nofollow
last-modified: Tue, 23 Oct 2018 12:25:30 GMT
server: cloudflare
etag: "5bcf133a-5c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac93bb625b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

GET
H2 200 ico-youtube.png
file.splio3.fr/72q/LH/3Mun/ 1 KB
1 KB 73ms
73ms Image
image/png 2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.splio3.fr/72q/LH/3Mun/ico-youtube.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f71605844b584cdc762b3a5352af77e530a9ff08ae7eff09ccde16bedfb6536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: MISS
x-cache-status: HIT
content-length: 1268
x-robots-tag: noindex,nofollow
last-modified: Tue, 23 Oct 2018 12:25:30 GMT
server: cloudflare
etag: "5bcf133a-4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac93bb635b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

GET
H2

200

dd5fd75fc2a90c911fa266ee83b402a546f11a83.png
cdn.splio3.fr/ckimg/2019/02/14/atahotels_b2b/
Redirect Chain

https://s3s-it1.net/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png
https://cdn.splio3.fr/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png

9 KB
9 KB

95ms
78ms

Image
image/png

2606:4700:1::6813:8647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.splio3.fr/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png
Requested by: Host: s3s-it1.net
URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:8647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c171146417ff5122c865fe661677cf7993986665506cd5952ca92957dcf17d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 10:18:43 GMT
cf-cache-status: MISS
x-cache-status: HIT
content-length: 9197
x-robots-tag: noindex,nofollow
last-modified: Thu, 14 Mar 2019 15:09:38 GMT
server: cloudflare
etag: "5c8a6eb2-23ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 68bfac93fbe95b8c-FRA
expires: Thu, 09 Sep 2021 14:18:43 GMT

Redirect headers

Location: https://cdn.splio3.fr/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png
Date: Thu, 09 Sep 2021 10:18:43 GMT
Server: Apache
Connection: close
Content-Length: 305
Content-Type: text/html; charset=iso-8859-1

GET jquery-ui-1.8.23.custom.min.js
www.splio4.com/jquery/js/ 0
0

GET jquery-ui-1.8.23.custom.css
www.splio4.com/jquery/css/smoothness/ 0
0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 53ms
13ms Script
text/javascript 2a00:1450:400e:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1199285.279382DBMTP-GRUPPOUNA-D/B24606893.281286143;dc_trk_aid=475297469;dc_trk_cid=137264168;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 03:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 03:47:41 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E267 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:400e:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s3s-it1.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s3s-it1.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 04 Sep 2021 16:20:14 GMT
expires: Sun, 04 Sep 2022 16:20:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 410309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 HnbG7550cEFPwEcIWrjaIv4px_gX-25lqkC2fOkJQZY.js Show response
pagead2.googlesyndication.com/bg/ Frame E267 35 KB
13 KB 76ms
20ms Script
text/javascript 2a00:1450:4009:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HnbG7550cEFPwEcIWrjaIv4px_gX-25lqkC2fOkJQZY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:822::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e76c6ef9e7470414fc047085ab8da22fe29c7f817fb6e65aa40b67ce9094196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 19:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13217
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 19:27:01 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E267 0
234 B 32ms
31ms Image
image/gif 2a00:1450:4009:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-kxSgt85YZbTOaOC9fgP57OP4AwAAAAAOAHgBAI&bg=!f3ylfDjNAAYT0U73E9E7ACkAdvg8WqjGr0wQkzO3ErJXa-O9CcMRIdQyFgHKv1NbowtDWWVQadWQgAIAAABWUgAAAAtoAQcKAPtFEaaK4AARHUnU7mBy1zk70s4pJ9Kb8zI8xJZRQl8JZzuxEqHwc83f9w94U8ft7HctztjnJ7iGaRgWCYMRWG6z5zEuhrCD3Ai8ASeaufuXkLQNZ_D6rq8Qr_hs7o2Mf9oEemM2_ChAtA2p0UuXh33OKcSzUX2OyZxnVKFcA90BuXzvob93YoY1m_djUg3r6ntcgaWN8187ZaRtTz8YxyatRExKADNfuaH3js5Mjfbblwrer1kVLQMZxW8BQIcLnQAFnuR6XH4d5LjBkbwf7ZJCnH2J_v1BvPSRjQD9-tODbx0W2LCnPlkurSoxVL6DcqKUBZsIjkl6y1WaD5kCd7_tGUTNdQacoMA6KSvjhPbhAN7o5YXFtz6ujk-sKNBUHaxWN-ms8dXLv7-s1E5GgmYJLEk2gN-wPP0mGDNfV6CgeeO6Dxg1-Jn1ZA3YLC_C0wazIEb01-rJuRFnBojRLK2a_GkzDrCUlNZuoPcVRFKtnlxUuAKjIyUKzJFgppfoFF9jjZQmOviFqIz8pTLf9EgFZYfLc9S9hPhO26SZgZk6kJ3_1Jn5fFyQSE51GKHXPBf2BwKu9VHKdLlW8u1Ap-SJwBpjdQBJYRFqr1KFc31HxidUTwbtQtluhkN2xigjQR4cepffvHLiTkO2uHw2WtYQbN8Nr-CSvGCTrwZdLGEq-GNdzJDwuDNq9jXYkIvnj-tZaAsw_hpp1HkjDRaQjM2BLcTocegHFzzELxDIl-Ozl0HEa1IaUkv59q-PpJgD-ZXMXXBRdvXYlu0kV1EBdJU5UPybvbzV5chONQsp8SObDwkaqqNOmPsssLb5NeH-4Bq5mjHMKJXzB7rhrYhPOYE5cbE7wJDCk1PMgrE28_w9JGVKmYsMswvO6LE16mg_6HEwy72llPklXOveA0zT9aci28b9OVxMCFnKiuiyR8pJQTp4YQEg1u8PLnpZ60g-oSiIV5ADACvZOjLfMngjCTQQ07ji84Upi4JXLKt5pSuYoQS2BK3Bm2URk8D_yoa4TGLS-tndXMMSLibR-fOVZV5fl_X7-qSH7-D1w5dtdR1lIaXEqP0D5AGLyCpZIP_vxLe-qc926fzhDxW0go3TkVoUC0juHSRjINAx-Mpr-6pF0jDwdgiSijTXxwJqB2m4GvPXQY82jlbbNUSrsF2QVzAZEPT37k4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:822::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 10:18:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.splio4.com
URL: http://www.splio4.com/jquery/js/jquery-ui-1.8.23.custom.min.js

Domain: www.splio4.com
URL: http://www.splio4.com/jquery/css/smoothness/jquery-ui-1.8.23.custom.css

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 21:06:23	Name: test_cookie Value: CheckForPermission

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-facebook.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-twitter.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-instagram.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-youtube.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://s3s-it1.net/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure script 'http://www.splio4.com/jquery/js/jquery-ui-1.8.23.custom.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html(Line 4) Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.splio4.com/jquery/css/smoothness/jquery-ui-1.8.23.custom.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-facebook.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-twitter.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-instagram.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://file.splio3.fr/72q/LH/3Mun/ico-youtube.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html Message: Mixed Content: The page at 'https://s3s-it1.net/mrx/7TBrBECg6/576657/3875231433.html' was loaded over HTTPS, but requested an insecure element 'http://s3s-it1.net/ckimg/2019/02/14/atahotels_b2b/dd5fd75fc2a90c911fa266ee83b402a546f11a83.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.splio3.fr
file.splio3.fr
pagead2.googlesyndication.com
s3s-it1.net
tpc.googlesyndication.com
www.splio4.com
www.splio4.com
142.250.187.198
2606:4700:1::6813:8647
2a00:1450:4009:822::2002
2a00:1450:400e:80e::2001
91.190.170.12
91.190.170.48
0acf8b3ef0f1f17eead48b4b6c82829cd4ccb8115d228dc407cfe9d7228966fb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1e76c6ef9e7470414fc047085ab8da22fe29c7f817fb6e65aa40b67ce9094196
341146cf0ca430d90375d243b9e972a94876ed14d9d0cec678bf3f1c772380cf
37d865ac29fc2914457edbe1bcd060929bc35ac997ddb4b3364c806614fc8791
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
6b8dd568fbbf475a5221e03949acf745181555d3bec38a6b24d72c300bb44b38
7f71605844b584cdc762b3a5352af77e530a9ff08ae7eff09ccde16bedfb6536
856ddd88b0c12fa40a5274721d2de28227b82cde6403ada41b3ba57d01d2167b
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629
c171146417ff5122c865fe661677cf7993986665506cd5952ca92957dcf17d27
c3138856c1d033bf7d361a3171fefd0c938de212edfa4348b632c5b3ff8756b2
cd15f0d5846ec5769823050b3f78a4c534793a9dc8164f6c97974c791e58a61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5549c0e4ac2b71f36cb0749b2c91dfa8f553ccb35ed3f4a6a88a938ab91b914
f8081826985ef5394bc857d6838ee18d01121a9feaf7fedf9763372df26f9938
fa6ca545e9f8d9b566cb28c4bf16310c72b60142719550426b9569ea42bc6d91

s3s-it1.net Open in urlscan Pro 91.190.170.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

90 %HTTPS

50 %IPv6

5 Domains

7 Subdomains

7 IPs

4 Countries

886 kBTransfer

945 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

12 Console Messages

Indicators

s3s-it1.net Open in urlscan Pro
91.190.170.12 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

886 kB
Transfer

945 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions