gems.su Open in urlscan Pro
46.36.218.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gems.su/
Submission Tags: l4ing tld su ru rf cccp h8 g* ay Search All
Submission: On January 17 via manual (January 17th 2024, 1:12:06 am UTC) from BG — Scanned from DE

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 10 domains to perform 49 HTTP transactions. The main IP is 46.36.218.48, located in Jõhvi, Estonia and belongs to PAGM-AS, EE. The main domain is gems.su.

This is the only time gems.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	46.36.218.48 46.36.218.48	198068 (PAGM-AS) (PAGM-AS)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	45.143.84.231 45.143.84.231	201193 (IPRJ-4-0) (IPRJ-4-0)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	142.44.227.16 142.44.227.16	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
49	15

12 46.36.218.48 (Jõhvi, Estonia)

ASN198068 (PAGM-AS, EE)
PTR: istorya.ru

gems.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.143.84.231 (Russian Federation) 1 redirects

ASN201193 (IPRJ-4-0, RU)
PTR: pisik231.sndsy.ru

subscribe.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.44.227.16 (Canada)

ASN16276 (OVH, FR)
PTR: ip16.ip-142-44-227.net

mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	132 KB
12	gems.su gems.su	154 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	208 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	20 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704	52 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 11938	2 KB
2	mixmarket.biz mixmarket.biz
2	subscribe.ru 1 redirects subscribe.ru	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
0	nativevideo.ru Failed box.nativevideo.ru Failed
49	10

	Domain	Requested by
12	gems.su	gems.su
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	gems.su pagead2.googlesyndication.com www.googletagservices.com
3	counter.yadro.ru	2 redirects gems.su
2	csm.eu.criteo.net	ads.eu.criteo.com
2	tpc.googlesyndication.com	googleads.g.doubleclick.net
2	mixmarket.biz	gems.su
2	subscribe.ru	1 redirects gems.su
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
0	box.nativevideo.ru Failed	gems.su
49	15

This site contains links to these domains. Also see Links.

Domain
subscribe.ru
www.liveinternet.ru
www.optima.su

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://gems.su/
Frame ID: EA10F6562175C086DEE34069011D23F9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240111/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 7979649B4E3917CC6A50AD107865C10D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=90&slotname=8368764609&adk=49913715&adf=854766408&pi=t.ma~as.8368764609&w=728&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921294&bpp=230&bdt=106&idt=420&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&correlator=7081970599755&frm=20&pv=2&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427
Frame ID: E2EE4319A43CE2CFCC41DA7FBA7454B6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=60&slotname=3164758654&adk=3440193766&adf=3141960068&pi=t.ma~as.3164758654&w=468&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921297&bpp=227&bdt=109&idt=427&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8368764609&correlator=7081970599755&frm=20&pv=1&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=2565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=429
Frame ID: B12B8CC4E61296EA20D3D30E3C91F5E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&adk=1812271804&adf=3025194257&lmt=1705453921&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fgems.su%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1705453921682&bpp=1&bdt=493&idt=45&shv=r20240116&mjsv=m202401100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8368764609%2C3164758654&nras=1&correlator=7081970599755&frm=20&pv=1&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=50
Frame ID: 98F52815B275C743EFC2B34B781E4339
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZacpYQALlkkHg61DAAyHhbApmOmUDQRh66jxbg&u=%7C2PJRwO4eIHyF%2FoCpZ%2F5xF8kiJClaKDnF7mlKGrV5Pdo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi61yeCiYOBHBQDe-nW9DrHEH9QzEthiJpAZ-HBvtzWbpsXphT2DPJyRu5__PBztjOv61lSdTDktvZYOzLTZJ77E_wlQAuTfbxu6r-WCeQPLMPYVxmD9j2bI668lFtWU8T7I7GPxShcCWp1SmDLmrcPUebN8N9M48ORTWZQiBhUT__CnytylO647hACg50Ke1wYIcEU_-P5kJn7qBNkZbsYV2l9nziZn5xtqFT-ndYJp7laLm7LWRrjW0lx5D0Uqq0FSUXt7WAynVEZ6wkBk_7P-YV85ztEo2xmwH7tMCGhrWBU4Lp15H0AhtxmfmcyzN-yEbx2Xdrzpgy8Thxa4UKlq8ztXS4-urhiHeKK3RyRfKtSx40jOnWyyITiKhYS_zlyZ6FtpYubuXN0QZtkeCsBFCZqQ4ceWmg0fDGW_OADkk-9rilWqD2JCEOjLE8v-lQhsn5rnBJRTzQ8nt1iJ9uB9sHIZe7t1FP04R6LADeiSsuRVuNDG8OjDV32Zdjzuti1Q52h0dE_nL2i-v4Z69i3T-7RudDjNoJUOQu6EXav5jQoD4QP7NdYPuoxkA0E3G4R0HAbRWye9K0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcInYSmnZcmsLsPajuwPhY-yuAfJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTIxMjEwNDU3MjA5MjAwNDbIAQmpArMX2jC6PrI-qAMByAMCqgTdAU_Q4Ysw1OBsQbhTRLVQjXz4ITEW7RmhkMVQCDgVsrGygvBwFxuWMuh3Dw3xa7mO_cjYtYFGHqaSJ37gKjgRVtxJXKPj2uklBdoodJ9dYBfOECXhJDcbE5eL8N2N6i0-COZrfzonCWv6aiPRQqVJA1sFLyQG2F_uA_mgdN_0QyGoYiaSyClXAuUK9i5KtWwHEmiYixAkplQaDKYCkyqDYCmNYVfGr1rsfryij4in2ZNxgVV9Mogk3kf6E8HorgzzOoZVLweCF-7NoQh4MLzpe_max-91oduStcRwXotegAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjce_-Z7jgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32ncHXYH6khM67CpCWJtBZRtIhaA%26client%3Dca-pub-2121045720920046%26adurl%3D
Frame ID: 211085504512F2FBB35768CF5E71C484
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gems.su - Энциклопедия драгоценных камней.

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<a href="http://www\.liveinternet\.ru/click"

Page Statistics

49
Requests

63 %
HTTPS

60 %
IPv6

10
Domains

15
Subdomains

15
IPs

5
Countries

635 kB
Transfer

1320 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://subscribe.ru/catalog/home.modebeauty.dum
Title: Ювелирные украшения

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.optima.su/
Title: Продвижение сайта

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://subscribe.ru/stat/home.modebeauty.dum/count.png HTTP 301
https://subscribe.ru/stat/home.modebeauty.dum/count.png

Request Chain 8

http://counter.yadro.ru/hit?t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%u0435%u043D%u043D%u044B%u0445%20%u043A%u0430%u043C%u043D%u0435%u0439.;0.5101450891735646 HTTP 302
https://counter.yadro.ru/hit?t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%u0435%u043D%u043D%u044B%u0445%20%u043A%u0430%u043C%u043D%u0435%u0439.;0.5101450891735646 HTTP 302
https://counter.yadro.ru/hit?q;t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%u0435%u043D%u043D%u044B%u0445%20%u043A%u0430%u043C%u043D%u0435%u0439.;0.5101450891735646

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gems.su/ 13 KB
6 KB 246ms
87ms Document
text/html 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gems.su/
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 101bb78b7f82b5e22b378b4f5bf502a921f53d91fcde90ea62ae2db3d92bd65f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5673
Content-Type: text/html; charset=windows-1251
Date: Wed, 17 Jan 2024 01:12:01 GMT
Server: nginx/1.8.0
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

GET
H/1.1 200
OK style.css
gems.su/ 3 KB
1 KB 74ms
73ms Stylesheet
text/css 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gems.su/style.css
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 89fa72bcb46cba5949b7292c86893e5623eb69f36e0d5874b6ff05d94d3e0e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 May 2009 18:17:52 GMT
Server: nginx/1.8.0
ETag: W/"4a144950-aec"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 102ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: gems.su
URL: http://gems.su/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c67b132317b70f666aca179f857834afbef8612404504022d0c23b8efb497853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5979646871292384199
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10955
X-XSS-Protection: 0
Expires: Wed, 17 Jan 2024 01:12:01 GMT

GET
H/1.1 200
OK logo.jpg
gems.su/images/ 18 KB
18 KB 146ms
74ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/logo.jpg
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 3348b75af4ce88bfffc6b9edbcdd78e042a062c9679aaf6704c8367951692847

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:38:47 GMT
Server: nginx/1.8.0
ETag: "4a143217-485e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18526

GET
H/1.1 200
OK girl.jpg
gems.su/images/ 53 KB
53 KB 145ms
72ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/girl.jpg
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: f8ac5b76c880e35d75a77b0b1ddf0e5d52af2cb753d8345f428927ec1b722bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:33:28 GMT
Server: nginx/1.8.0
ETag: "4a1430d8-d3c4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54212

GET
H/1.1

200
OK

count.png
subscribe.ru/stat/home.modebeauty.dum/
Redirect Chain

http://subscribe.ru/stat/home.modebeauty.dum/count.png
https://subscribe.ru/stat/home.modebeauty.dum/count.png

2 KB
2 KB

365ms
87ms

Image
image/png

45.143.84.231
IPRJ-4-0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscribe.ru/stat/home.modebeauty.dum/count.png

Requested by

Host: gems.su
URL: http://gems.su/

Protocol

HTTP/1.1

Server

45.143.84.231 , Russian Federation, ASN201193 (IPRJ-4-0, RU),

Reverse DNS

pisik231.sndsy.ru

Software

nginx /

Resource Hash

a1547fbb1dd23847bc05dd6bd911c7151cbed2219c332b980ed0b6a900efb35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Strict-Transport-Security: max-age=15552000
Server: nginx
Transfer-Encoding: chunked
Content-Language: ru
P3P: policyref="/w3c/p3p.xml", CP="NOI PSA OUR BUS UNI"
Content-Type: image/png
Connection: keep-alive

Redirect headers

Location: https://subscribe.ru/stat/home.modebeauty.dum/count.png
Date: Wed, 17 Jan 2024 01:12:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK spacer.gif
gems.su/images/ 43 B
278 B 152ms
78ms Image
image/gif 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/spacer.gif
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:45:46 GMT
Server: nginx/1.8.0
ETag: "4a1433ba-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 162ms
88ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

672644308e47839992be84d1322b14abc02e5bea3a7f315d179cb180b337daaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51401
x-xss-protection: 0
server: cafe
etag: 664552706001403457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:12:01 GMT

GET GetWidgetJS
box.nativevideo.ru/preview/ 0
0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%...
https://counter.yadro.ru/hit?t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446...
https://counter.yadro.ru/hit?q;t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u04...

462 B
948 B

89ms
88ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%u0435%u043D%u043D%u044B%u0445%20%u043A%u0430%u043C%u043D%u0435%u0439.;0.5101450891735646

Requested by

Host: gems.su
URL: http://gems.su/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

1a26a27a948d41f5e7942cbbd603d4cd74282ef8eadd684a81a38a8926a89d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jan 2024 01:12:01 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 462
Expires: Mon, 16 Jan 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jan 2024 01:12:01 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t23.11;r;s1600*1200*24;uhttp%3A//gems.su/;hGems.su%20-%20%u042D%u043D%u0446%u0438%u043A%u043B%u043E%u043F%u0435%u0434%u0438%u044F%20%u0434%u0440%u0430%u0433%u043E%u0446%u0435%u043D%u043D%u044B%u0445%20%u043A%u0430%u043C%u043D%u0435%u0439.;0.5101450891735646
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 16 Jan 2023 21:00:00 GMT

GET
H/1.1 500
Internal Server Error &div=mixkt_4294949045&r=&rnd=84892
mixmarket.biz/show/4294949045/ 0
0 382ms
140ms Script
text/html 142.44.227.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://mixmarket.biz/show/4294949045/&div=mixkt_4294949045&r=&rnd=84892
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 142.44.227.16 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-142-44-227.net
Software: /
Resource Hash

Request headers

Referer: http://gems.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H/1.1 200
OK bg.jpg
gems.su/images/ 1 KB
2 KB 74ms
74ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/bg.jpg
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 9426d3d09ece69b032ec1be456750f952bb17a4cb7b23b13fb2bfe8180c698bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:25:52 GMT
Server: nginx/1.8.0
ETag: "4a142f10-51f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1311

GET
H/1.1 200
OK bg-flower.jpg
gems.su/images/ 31 KB
31 KB 150ms
78ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/bg-flower.jpg
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 827813ffec57d127ddd57e6fe8d707dbe7f9bb3d0469bf8547da4f170c527deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:25:39 GMT
Server: nginx/1.8.0
ETag: "4a142f03-7cde"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31966

GET
H/1.1 200
OK bg-menu.jpg
gems.su/images/ 16 KB
16 KB 153ms
79ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/bg-menu.jpg
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 8f5b505da7e9a0a569c694d165ad7a5543c28fc38de9540ba2a5899a0f9565a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:25:49 GMT
Server: nginx/1.8.0
ETag: "4a142f0d-3f4b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16203

GET
H/1.1 200
OK bg-kamni.gif
gems.su/images/ 2 KB
2 KB 102ms
74ms Image
image/gif 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/bg-kamni.gif
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: d385878fae6d9a16620ee1cfc3ff07d1c8687aaa5cbead3dafa3c17347476099

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:25:43 GMT
Server: nginx/1.8.0
ETag: "4a142f07-741"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1857

GET
H/1.1 200
OK bull-h1.gif
gems.su/images/ 52 B
287 B 143ms
77ms Image
image/gif 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/bull-h1.gif
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: d65709c2ff9a8a28234ec9e6681452129e69389265f02d8f3ea25923620caea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:28:16 GMT
Server: nginx/1.8.0
ETag: "4a142fa0-34"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52

GET
H/1.1 200
OK footer-diamonds-white.jpg
gems.su/images/ 7 KB
7 KB 79ms
79ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/footer-diamonds-white.jpg
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 489e6da8392d2c4713f222df682ec83fc647d59330d2b5fa6709876bd50477d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:30:39 GMT
Server: nginx/1.8.0
ETag: "4a14302f-1ced"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7405

GET
H/1.1 200
OK footer-diamonds-black.jpg
gems.su/images/ 17 KB
17 KB 81ms
81ms Image
image/jpeg 46.36.218.48
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gems.su/images/footer-diamonds-black.jpg
Requested by: Host: gems.su
URL: http://gems.su/style.css
Protocol: HTTP/1.1
Server: 46.36.218.48 Jõhvi, Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: istorya.ru
Software: nginx/1.8.0 /
Resource Hash: 064f405444175ecd797130f23c16954db72e4a617c81a77c5b5da0bd2b71a614

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 01:12:01 GMT
Last-Modified: Wed, 20 May 2009 16:30:34 GMT
Server: nginx/1.8.0
ETag: "4a14302a-42ca"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17098

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/ 401 KB
136 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=pub-2121045720920046&plah=gems.su&bust=31080430

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfec54edf0382239def011e9e228ad3c0fbfc70f69ea31fac44aeae83fec271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139277
x-xss-protection: 0
server: cafe
etag: 4320682619892278313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:12:01 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240111/r20190131/ Frame 7979 9 KB
4 KB 115ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240111/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gems.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:40:23 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 18:40:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 500
Internal Server Error t.php
mixmarket.biz/ 0
0 274ms
139ms Image
text/html 142.44.227.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mixmarket.biz/t.php?id=3540244&r=&t=1705453921681
Requested by: Host: gems.su
URL: http://gems.su/
Protocol: HTTP/1.1
Server: 142.44.227.16 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-142-44-227.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gems.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2EE 36 KB
15 KB 140ms
139ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=90&slotname=8368764609&adk=49913715&adf=854766408&pi=t.ma~as.8368764609&w=728&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921294&bpp=230&bdt=106&idt=420&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&correlator=7081970599755&frm=20&pv=2&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=pub-2121045720920046&plah=gems.su&bust=31080430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31b587bac15a3625d4b860823f6518aaf0693b4581af1b3944d2f420c54452f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gems.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14823
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 01:12:01 GMT
expires: Wed, 17 Jan 2024 01:12:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B12B 709 B
545 B 136ms
136ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=60&slotname=3164758654&adk=3440193766&adf=3141960068&pi=t.ma~as.3164758654&w=468&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921297&bpp=227&bdt=109&idt=427&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8368764609&correlator=7081970599755&frm=20&pv=1&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=2565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=429

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42e6fab67ec64f8f50176f6ab0333eb3f22766e444366077800f651a9434f80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gems.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 01:12:01 GMT
expires: Wed, 17 Jan 2024 01:12:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98F5 0
188 B 108ms
107ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&adk=1812271804&adf=3025194257&lmt=1705453921&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fgems.su%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1705453921682&bpp=1&bdt=493&idt=45&shv=r20240116&mjsv=m202401100101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8368764609%2C3164758654&nras=1&correlator=7081970599755&frm=20&pv=1&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=50

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gems.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 01:12:01 GMT
expires: Wed, 17 Jan 2024 01:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2110 170 KB
52 KB 228ms
115ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZacpYQALlkkHg61DAAyHhbApmOmUDQRh66jxbg&u=%7C2PJRwO4eIHyF%2FoCpZ%2F5xF8kiJClaKDnF7mlKGrV5Pdo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi61yeCiYOBHBQDe-nW9DrHEH9QzEthiJpAZ-HBvtzWbpsXphT2DPJyRu5__PBztjOv61lSdTDktvZYOzLTZJ77E_wlQAuTfbxu6r-WCeQPLMPYVxmD9j2bI668lFtWU8T7I7GPxShcCWp1SmDLmrcPUebN8N9M48ORTWZQiBhUT__CnytylO647hACg50Ke1wYIcEU_-P5kJn7qBNkZbsYV2l9nziZn5xtqFT-ndYJp7laLm7LWRrjW0lx5D0Uqq0FSUXt7WAynVEZ6wkBk_7P-YV85ztEo2xmwH7tMCGhrWBU4Lp15H0AhtxmfmcyzN-yEbx2Xdrzpgy8Thxa4UKlq8ztXS4-urhiHeKK3RyRfKtSx40jOnWyyITiKhYS_zlyZ6FtpYubuXN0QZtkeCsBFCZqQ4ceWmg0fDGW_OADkk-9rilWqD2JCEOjLE8v-lQhsn5rnBJRTzQ8nt1iJ9uB9sHIZe7t1FP04R6LADeiSsuRVuNDG8OjDV32Zdjzuti1Q52h0dE_nL2i-v4Z69i3T-7RudDjNoJUOQu6EXav5jQoD4QP7NdYPuoxkA0E3G4R0HAbRWye9K0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcInYSmnZcmsLsPajuwPhY-yuAfJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTIxMjEwNDU3MjA5MjAwNDbIAQmpArMX2jC6PrI-qAMByAMCqgTdAU_Q4Ysw1OBsQbhTRLVQjXz4ITEW7RmhkMVQCDgVsrGygvBwFxuWMuh3Dw3xa7mO_cjYtYFGHqaSJ37gKjgRVtxJXKPj2uklBdoodJ9dYBfOECXhJDcbE5eL8N2N6i0-COZrfzonCWv6aiPRQqVJA1sFLyQG2F_uA_mgdN_0QyGoYiaSyClXAuUK9i5KtWwHEmiYixAkplQaDKYCkyqDYCmNYVfGr1rsfryij4in2ZNxgVV9Mogk3kf6E8HorgzzOoZVLweCF-7NoQh4MLzpe_max-91oduStcRwXotegAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjce_-Z7jgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32ncHXYH6khM67CpCWJtBZRtIhaA%26client%3Dca-pub-2121045720920046%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=90&slotname=8368764609&adk=49913715&adf=854766408&pi=t.ma~as.8368764609&w=728&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921294&bpp=230&bdt=106&idt=420&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&correlator=7081970599755&frm=20&pv=2&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d2344f7df0934fede7f231c6b2f8db164f649282ac604f610492ead1f7b9642c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 01:12:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KaqGiUgCPI45id--DfX2OTTI-RF4YQLS-OiREl_o0frWuPFuPz_v1N-GX6akuZDDP70Szy8fw4_gv1rWxRhCac1grTBgOXCPhTRzX4InuV1lhzDGuTNVTi9570yuWUWe3W2eKmIcfps-aEg-S00lSZChjjKexqPPothcKDpEmoSFyPRND5smYVe8UMkDR6Gw-A6DIccVmLTmdhX5sGbHFLb25PFmp2kw-PldvbKh8MGhF6OwYcDqTsgxrJkmJqShx0uPhg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 50940918
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame E2EE 3 KB
1 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:04:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame E2EE 20 KB
9 KB 111ms
33ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2EE 205 KB
65 KB 150ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:12:02 GMT

GET
DATA 200
OK truncated
/ Frame E2EE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ccb65c3483853b505823f99d33cec4444e21f9995bb949864ee126819af1e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2110 2 KB
1 KB 164ms
51ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZacpYQALlkkHg61DAAyHhbApmOmUDQRh66jxbg&u=%7C2PJRwO4eIHyF%2FoCpZ%2F5xF8kiJClaKDnF7mlKGrV5Pdo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi61yeCiYOBHBQDe-nW9DrHEH9QzEthiJpAZ-HBvtzWbpsXphT2DPJyRu5__PBztjOv61lSdTDktvZYOzLTZJ77E_wlQAuTfbxu6r-WCeQPLMPYVxmD9j2bI668lFtWU8T7I7GPxShcCWp1SmDLmrcPUebN8N9M48ORTWZQiBhUT__CnytylO647hACg50Ke1wYIcEU_-P5kJn7qBNkZbsYV2l9nziZn5xtqFT-ndYJp7laLm7LWRrjW0lx5D0Uqq0FSUXt7WAynVEZ6wkBk_7P-YV85ztEo2xmwH7tMCGhrWBU4Lp15H0AhtxmfmcyzN-yEbx2Xdrzpgy8Thxa4UKlq8ztXS4-urhiHeKK3RyRfKtSx40jOnWyyITiKhYS_zlyZ6FtpYubuXN0QZtkeCsBFCZqQ4ceWmg0fDGW_OADkk-9rilWqD2JCEOjLE8v-lQhsn5rnBJRTzQ8nt1iJ9uB9sHIZe7t1FP04R6LADeiSsuRVuNDG8OjDV32Zdjzuti1Q52h0dE_nL2i-v4Z69i3T-7RudDjNoJUOQu6EXav5jQoD4QP7NdYPuoxkA0E3G4R0HAbRWye9K0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMcInYSmnZcmsLsPajuwPhY-yuAfJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTIxMjEwNDU3MjA5MjAwNDbIAQmpArMX2jC6PrI-qAMByAMCqgTdAU_Q4Ysw1OBsQbhTRLVQjXz4ITEW7RmhkMVQCDgVsrGygvBwFxuWMuh3Dw3xa7mO_cjYtYFGHqaSJ37gKjgRVtxJXKPj2uklBdoodJ9dYBfOECXhJDcbE5eL8N2N6i0-COZrfzonCWv6aiPRQqVJA1sFLyQG2F_uA_mgdN_0QyGoYiaSyClXAuUK9i5KtWwHEmiYixAkplQaDKYCkyqDYCmNYVfGr1rsfryij4in2ZNxgVV9Mogk3kf6E8HorgzzOoZVLweCF-7NoQh4MLzpe_max-91oduStcRwXotegAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjce_-Z7jgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32ncHXYH6khM67CpCWJtBZRtIhaA%26client%3Dca-pub-2121045720920046%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2110 2 KB
1 KB 163ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2110 308 B
636 B 161ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2110 293 B
622 B 159ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2110 43 B
348 B 193ms
52ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=V0kKD6Gf2y-U-RQcR6vvHJ-mroqszZNPat4dAwuk-3fJ5UZ2z8g3S_JdDUQc3GIkAtUYvjNUIsIjUMIeTb3VTRGPP2JW6GkMUGrwWHfFHfAgb-63TluclNr2w38IGRk6lLhDICYhsL49okjhf74FLsPUl2Amgp7G2IKZ4_ybqsYldgARiZSSgEvZ0STsJej6Itp3QvAVb3PYoJB-RL0Tnjv0kMVEEZFZFv9zbF6HKCvlSvwnInf9EWBv2-Y33Uiyc8l4R7hSIH3PSG0LiCwPdHnQH2_79A47mNTMbML_jg4o4wTH0_-rr4sfPD_sbiblzSMHUU86s56Li8hYA2XcrwS00by8c3o2KwOXSaAlyzrJp6XtlBafZEHv2P2grvXFgLKFaG888gHC4sMlC90lOKlEOHnWH7yTWtFqZF2_20tTjDOn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1915691
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2110 12 KB
6 KB 161ms
95ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 13 KB
14 KB 263ms
159ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=412&rid=4&s=4XmDzDhTj_Xt41SoTFfmZS1p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13661
expires: Mon, 06 Jan 2025 04:52:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 10 KB
10 KB 159ms
54ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10070
expires: Fri, 02 Feb 2024 12:26:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 20 KB
21 KB 233ms
129ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 20960
expires: Fri, 02 Feb 2024 13:03:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 15 KB
15 KB 216ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15494
expires: Sat, 03 Feb 2024 04:35:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2110 0
128 B 150ms
47ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=KaqGiUgCPI45id--DfX2OTTI-RF4YQLS-OiREl_o0frWuPFuPz_v1N-GX6akuZDDP70Szy8fw4_gv1rWxRhCac1grTBgOXCPhTRzX4InuV1lhzDGuTNVTi9570yuWUWe3W2eKmIcfps-aEg-S00lSZChjjKexqPPothcKDpEmoSFyPRND5smYVe8UMkDR6Gw-A6DIccVmLTmdhX5sGbHFLb25PFmp2kw-PldvbKh8MGhF6OwYcDqTsgxrJkmJqShx0uPhg&sds=2&rev=90178&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2110 2 KB
1 KB 99ms
52ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2110 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:12:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 10 KB
10 KB 113ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10070
expires: Fri, 02 Feb 2024 12:26:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 15 KB
15 KB 70ms
69ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15494
expires: Sat, 03 Feb 2024 04:35:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 20 KB
21 KB 56ms
56ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 20960
expires: Fri, 02 Feb 2024 13:03:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2110 13 KB
14 KB 54ms
54ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13661
expires: Mon, 06 Jan 2025 04:52:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2EE 0
23 B 83ms
83ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXuVCYSmnZcmsLsPajuwPhY-yuAfJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTIxMjEwNDU3MjA5MjAwNDbIAQmpArMX2jC6PrI-qAMByAMCqgTaAU_Q4Ysw1OBsQbhTRLVQjXz4ITEW7RmhkMVQCDgVsrGygvBwFxuWMuh3Dw3xa7mO_cjYtYFGHqaSJ37gKjgRVtxJXKPj2uklBdoodJ9dYBfOECXhJDcbE5eL8N2N6i0-COZrfzonCWv6aiPRQqVJA1sFLyQG2F_uA_mgdN_0QyGoYiaSyClXAuUK9i5KtWwHEmiYixAkplQaDKYCkyqDYCmNYVfGr1rsfryij4in2ZNxgVV9Msom_9V6gBHVCNzU4Ap1xqOMMOR7qyZgsgghRl9oePFZuUNYIeSZgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjce_-Z7jgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEyMTA0NTcyMDkyMDA0NhgA&sigh=YmsiwZwEjOM&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_iEY9vqs_nhXMRgCT3TBiaAasKdjTd2P2iV4aF3sgT3ZPfhFUsxg3jPnrEvk2GBjaOfNA3S2I9_cmOzyAMiylmW7_rqlHbCkDDEAYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=90&slotname=8368764609&adk=49913715&adf=854766408&pi=t.ma~as.8368764609&w=728&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921294&bpp=230&bdt=106&idt=420&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&correlator=7081970599755&frm=20&pv=2&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 17 Jan 2024 01:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Jan 2024 01:12:02 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame E2EE 0
126 B 167ms
50ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGN6BMNgFWp2DYgICAAAA4dSsgAkiOhQQYCmnZawOjbijDkyWnG8AABIAAAoKQVFVRER3RUJEdw&wp=ZacpYQALlkkHg61DAAyHhbApmOmUDQRh66jxbg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 126527
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2EE 42 B
64 B 137ms
68ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjZ762WwinBe3q3vzhNEGWJyImWK1E6hZq5PVf_lV63mTGiOBr4kxfBfyk1mgPdnQFjkmSLaqASO2mnhTjUJP6czYYX9YnxN4SHd5TDODiUFykIUVg&sig=Cg0ArKJSzJ_A3fWSvvkAEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=49913715&rs=2&la=0&cr=0&vs=4&r=v&rst=1705453921723&rpt=414&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:12:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2110 0
127 B 46ms
46ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 17 Jan 2024 01:12:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: box.nativevideo.ru
URL: http://box.nativevideo.ru/preview/GetWidgetJS?siteId=82d567af-7352-4da3-b3e9-7411d079ca4f&Count=4&View=responsive&tags=%E4%F0%E0%E3%EE%F6%E5%ED%ED%FB%E5%20%EA%E0%EC%ED%E8,%FE%E2%E5%EB%E8%F0%ED%FB%E5%20%E8%E7%E4%E5%EB%E8%DF,%FE%E2%E5%EB%E8%F0%ED%EE%E5%20%E4%E5%EB%EE,%E7%EE%EB%EE%F2%EE,%EF%EB%E0%F2%E8%ED%E0,%F1%E5%F0%E5%E1%EE%F0

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 02:29:34	Name: FTID Value: 1bfobX3PsNej1bfobX001OSC
.yadro.ru/	1970-01-21 02:29:34	Name: VID Value: 3qFv8q1uXy8j1bfobX001OSj
.gems.su/	1970-01-21 03:05:49	Name: __gads Value: ID=779461cade593499:T=1705453921:RT=1705453921:S=ALNI_MaY5AAuqCGYUXY1mrSZpBUXqFQcFg
.gems.su/	1970-01-21 03:05:49	Name: __gpi Value: UID=00000d42c246e31f:T=1705453921:RT=1705453921:S=ALNI_MbM7CEbJSCIDl4ld-OuwNDmF8rGGw
.doubleclick.net/	1970-01-21 03:05:49	Name: IDE Value: AHWqTUklXV9eMUrG4OmiORanuTnwiuK-0cyV66d7z1BHWg7x5pPTDD0kJBuvB3urLug

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://gems.su/(Line 197) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://mixmarket.biz/show/4294949045/&div=mixkt_4294949045&r=&rnd=84892, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://gems.su/(Line 197) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://mixmarket.biz/show/4294949045/&div=mixkt_4294949045&r=&rnd=84892, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://mixmarket.biz/show/4294949045/&div=mixkt_4294949045&r=&rnd=84892 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2121045720920046&output=html&h=90&slotname=8368764609&adk=49913715&adf=854766408&pi=t.ma~as.8368764609&w=728&lmt=1705453921&url=http%3A%2F%2Fgems.su%2F&wgl=1&dt=1705453921294&bpp=230&bdt=106&idt=420&shv=r20240116&mjsv=m202401100101&ptt=5&saldr=sd&abxe=1&correlator=7081970599755&frm=20&pv=2&ga_vid=328600650.1705453922&ga_sid=1705453922&ga_hid=1802141498&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C44809003%2C31080430%2C95320889%2C95321627%2C95322164%2C31080354&oid=2&pvsid=1749250452719648&tmod=2023230392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: http://mixmarket.biz/t.php?id=3540244&r=&t=1705453921681 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
box.nativevideo.ru
cat.nl3.eu.criteo.com
counter.yadro.ru
csm.eu.criteo.net
gems.su
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
mixmarket.biz
pagead2.googlesyndication.com
rtb.fr3.eu.criteo.com
static.criteo.net
subscribe.ru
tpc.googlesyndication.com
www.googletagservices.com
box.nativevideo.ru
142.44.227.16
178.250.1.6
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:830::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
45.143.84.231
46.36.218.48
88.212.201.198
88.212.202.52
064f405444175ecd797130f23c16954db72e4a617c81a77c5b5da0bd2b71a614
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
101bb78b7f82b5e22b378b4f5bf502a921f53d91fcde90ea62ae2db3d92bd65f
1a26a27a948d41f5e7942cbbd603d4cd74282ef8eadd684a81a38a8926a89d08
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b587bac15a3625d4b860823f6518aaf0693b4581af1b3944d2f420c54452f8
3348b75af4ce88bfffc6b9edbcdd78e042a062c9679aaf6704c8367951692847
42e6fab67ec64f8f50176f6ab0333eb3f22766e444366077800f651a9434f80f
489e6da8392d2c4713f222df682ec83fc647d59330d2b5fa6709876bd50477d7
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
672644308e47839992be84d1322b14abc02e5bea3a7f315d179cb180b337daaf
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
827813ffec57d127ddd57e6fe8d707dbe7f9bb3d0469bf8547da4f170c527deb
89fa72bcb46cba5949b7292c86893e5623eb69f36e0d5874b6ff05d94d3e0e1d
8ccb65c3483853b505823f99d33cec4444e21f9995bb949864ee126819af1e32
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5b505da7e9a0a569c694d165ad7a5543c28fc38de9540ba2a5899a0f9565a6
9426d3d09ece69b032ec1be456750f952bb17a4cb7b23b13fb2bfe8180c698bd
9dfec54edf0382239def011e9e228ad3c0fbfc70f69ea31fac44aeae83fec271
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1547fbb1dd23847bc05dd6bd911c7151cbed2219c332b980ed0b6a900efb35d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
c67b132317b70f666aca179f857834afbef8612404504022d0c23b8efb497853
d2344f7df0934fede7f231c6b2f8db164f649282ac604f610492ead1f7b9642c
d385878fae6d9a16620ee1cfc3ff07d1c8687aaa5cbead3dafa3c17347476099
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d65709c2ff9a8a28234ec9e6681452129e69389265f02d8f3ea25923620caea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8ac5b76c880e35d75a77b0b1ddf0e5d52af2cb753d8345f428927ec1b722bf8

gems.su Open in urlscan Pro 46.36.218.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

63 %HTTPS

60 %IPv6

10 Domains

15 Subdomains

15 IPs

5 Countries

635 kBTransfer

1320 kBSize

5 Cookies

3 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gems.su Open in urlscan Pro
46.36.218.48 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

63 %
HTTPS

60 %
IPv6

10
Domains

15
Subdomains

15
IPs

5
Countries

635 kB
Transfer

1320 kB
Size

5
Cookies

49 HTTP transactions
1 data transactions