urlscan.io logo urlscan.io
SecurityTrails logo

adservice.google.com Open in urlscan Pro
2a00:1450:4001:809::2002  Public Scan

Go To Rescan Add Verdict Report
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=99888463776...
Submission: On March 08 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 2a00:1450:4001:809::2002, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is adservice.google.com.
TLS certificate: Issued by GTS CA 1O1 on February 17th 2021. Valid for: 3 months.
This is the only time adservice.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.166 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.157 44788 (ASN-CRITE...)
9 8
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
9309168.fls.doubleclick.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Domain Requested by
2 gum.criteo.com 1 redirects static.criteo.net
2 www.googleadservices.com 9309168.fls.doubleclick.net
www.googleadservices.com
1 mug.criteo.com 9309168.fls.doubleclick.net
1 www.google.de 9309168.fls.doubleclick.net
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 widget.us.criteo.com 9309168.fls.doubleclick.net
1 sslwidget.criteo.com 1 redirects
1 static.criteo.net 9309168.fls.doubleclick.net
1 9309168.fls.doubleclick.net adservice.google.com
1 adservice.google.de 1 redirects
1 adservice.google.com
9 12

This site contains no links.

Subject Issuer Validity Valid
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-11 -
2021-04-10		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://adservice.google.com/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Frame ID: 2167F6848821AC22291B04E4710C81DA
Requests: 1 HTTP requests in this frame

Frame: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Frame ID: 89C364B9802CC9CDC8D37CD3F62667E4
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=adservice.google.com
Frame ID: 0A4FBD97307B8B5CEA3CC1B7316CCEA9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

9
Requests

100 %
HTTPS

55 %
IPv6

6
Domains

12
Subdomains

8
IPs

3
Countries

38 kB
Transfer

92 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://adservice.google.de/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F HTTP 302
  • https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Request Chain 4
  • https://sslwidget.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858 HTTP 302
  • https://widget.us.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858
Request Chain 6
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZClGYJ3cONjz-gbT2qaICQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZClGYJ3cONjz-gbT2qaICQ&cid=CAQSKQCNIrLMhX_ItVO5blJEJmChnxpGsfNu5b0y2st-Tb1PIBEQ9U-veaXl&random=4170097864&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZClGYJ3cONjz-gbT2qaICQ&cid=CAQSKQCNIrLMhX_ItVO5blJEJmChnxpGsfNu5b0y2st-Tb1PIBEQ9U-veaXl&random=4170097864&resp=GooglemKTybQhCsO&ipr=y
Request Chain 7
  • https://gum.criteo.com/sid/json?origin=onetag&domain=9309168.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=adservice.google.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nKR7zXxqQkpTVWtQVUh5VVVjNzYwVGJnczZxTTdhMTQ0SHk0cjFjMXdIdTh3VERTVnZGcEFuSlA0T09oSjR4K1BPK2d2OGtXcE9tOS9vY2FQbEFIaGhSaTd4UW95ZW8zNUZISTIzTHlmWWFHZVRMNGFtSHZoT2ZWMDRCakZFelhMOEw0TEF6ZmpSMEdKalhqZE8xOXRPMU90eG9QOTZkSFljYWVSVFVhNzJYRVkwZ1JpQ3p2UnArc1cyYUp3WUVpV2VDb3A4UlQ1dW5WaWJndUpZMGhRTE9BNXFFNGFmZDdmWCtUM3hnMEhXOWtLSVBpS05iNW5meXNIM1gwcTdTeDVNQ1ZxdDlCV3BVenpVejQ3OTNkQTFTR1IwWHJtTk1HRVBIZHZXczA4aXE3T3JJUT18&cppv=2

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
adservice.google.com/ddm/fls/i/ 		484 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c38dbd33118e1e01ae6d22335b382a28b6ff14fa0743b228ca2da709f6a81cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 08 Mar 2021 13:40:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
384
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
9309168.fls.doubleclick.net/ddm/fls/r/ Frame 89C3
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudf...
  • https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fww...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
cf09c3d0f5a927288d49648b9c86330b29eebfaa7d5f2f5b9686af5776559379
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9309168.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 08 Mar 2021 13:40:52 GMT
expires
Mon, 08 Mar 2021 13:40:52 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
695
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 13:55:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 08 Mar 2021 13:40:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
conversion.js
www.googleadservices.com/pagead/ Frame 89C3 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9309168.fls.doubleclick.net
URL: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c490a90e70edad9a18b327427e3d2d4e315d7824d0fecac3787fb4723c00305d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9309168.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 13:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15433
x-xss-protection
0
server
cafe
etag
8077337756528662035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 13:40:52 GMT
ld.js
static.criteo.net/js/ld/ Frame 89C3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: 9309168.fls.doubleclick.net
URL: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
https://9309168.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 13:40:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 09 Mar 2021 13:40:52 GMT
/
www.googleadservices.com/pagead/conversion/629049740/ Frame 89C3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/629049740/?random=1615210852872&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
bfd88713459dba8d2d00bf6e60ce1e684624512d3e8e408766709154a8a770e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9309168.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 13:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1230
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
widget.us.criteo.com/ Frame 89C3
Redirect Chain
  • https://sslwidget.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858
  • https://widget.us.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858
Requested by
Host: 9309168.fls.doubleclick.net
URL: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c0e558e16e922c86ada531e382f5f061eb92616874f7380725820b8b4239436

Request headers

Referer
https://9309168.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 13:40:52 GMT
content-encoding
gzip
content-type
application/x-javascript
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
server-processing-duration-in-ticks
18737
timing-allow-origin
*
content-length
864
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 13:40:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
location
https://widget.us.criteo.com/event?a=65785&v=5.6.2&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=9309168.fls.doubleclick.net&dtycbr=50858
cache-control
no-cache
server-processing-duration-in-ticks
2777
timing-allow-origin
*
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 0A4F 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=adservice.google.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=adservice.google.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9309168.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9309168.fls.doubleclick.net/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1750
date
Mon, 08 Mar 2021 13:40:52 GMT
content-length
4666
/
www.google.de/pagead/1p-conversion/629049740/ Frame 89C3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_...
  • https://www.google.com/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
  • https://www.google.de/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZClGYJ3cONjz-gbT2qaICQ&cid=CAQSKQCNIrLMhX_ItVO5blJEJmChnxpGsfNu5b0y2st-Tb1PIBEQ9U-veaXl&random=4170097864&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9309168.fls.doubleclick.net
URL: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9309168.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 13:40:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 13:40:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/629049740/?random=1270479382&cv=9&fst=1615210852872&num=1&npa=1&label=aeRTCNHL-uABEIyT-qsC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9309168.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCO-Oz7_ooO8CFQ0qGwodK9MDFg%3Bsrc%3D9309168%3Btype%3Dlearn0%3Bcat%3Dcloud002%3Bord%3D9988846377696%3Bgtm%3D2wg2o0%3Bauiddc%3D1104112221.1615243031%3B~oref%3Dhttps%253A%252F%252Fwww.cloudflare.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZClGYJ3cONjz-gbT2qaICQ&cid=CAQSKQCNIrLMhX_ItVO5blJEJmChnxpGsfNu5b0y2st-Tb1PIBEQ9U-veaXl&random=4170097864&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 0A4F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=9309168.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=adservice.google.com&cw=1
  • https://mug.criteo.com/sid?cpp=nKR7zXxqQkpTVWtQVUh5VVVjNzYwVGJnczZxTTdhMTQ0SHk0cjFjMXdIdTh3VERTVnZGcEFuSlA0T09oSjR4K1BPK2d2OGtXcE9tOS9vY2FQbEFIaGhSaTd4UW95ZW8zNUZISTIzTHlmWWFHZVRMNGFtSHZoT2ZWMDRCak...
450 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nKR7zXxqQkpTVWtQVUh5VVVjNzYwVGJnczZxTTdhMTQ0SHk0cjFjMXdIdTh3VERTVnZGcEFuSlA0T09oSjR4K1BPK2d2OGtXcE9tOS9vY2FQbEFIaGhSaTd4UW95ZW8zNUZISTIzTHlmWWFHZVRMNGFtSHZoT2ZWMDRCakZFelhMOEw0TEF6ZmpSMEdKalhqZE8xOXRPMU90eG9QOTZkSFljYWVSVFVhNzJYRVkwZ1JpQ3p2UnArc1cyYUp3WUVpV2VDb3A4UlQ1dW5WaWJndUpZMGhRTE9BNXFFNGFmZDdmWCtUM3hnMEhXOWtLSVBpS05iNW5meXNIM1gwcTdTeDVNQ1ZxdDlCV3BVenpVejQ3OTNkQTFTR1IwWHJtTk1HRVBIZHZXczA4aXE3T3JJUT18&cppv=2
Requested by
Host: 9309168.fls.doubleclick.net
URL: https://9309168.fls.doubleclick.net/ddm/fls/r/dc_pre=CO-Oz7_ooO8CFQ0qGwodK9MDFg;src=9309168;type=learn0;cat=cloud002;ord=9988846377696;gtm=2wg2o0;auiddc=1104112221.1615243031;~oref=https%3A%2F%2Fwww.cloudflare.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
905ca6ba69f56d98edd70831fa5c1e9f4dce26acaa0c479112a45f8f4033d6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 08 Mar 2021 13:40:52 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2142
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 08 Mar 2021 13:40:52 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=nKR7zXxqQkpTVWtQVUh5VVVjNzYwVGJnczZxTTdhMTQ0SHk0cjFjMXdIdTh3VERTVnZGcEFuSlA0T09oSjR4K1BPK2d2OGtXcE9tOS9vY2FQbEFIaGhSaTd4UW95ZW8zNUZISTIzTHlmWWFHZVRMNGFtSHZoT2ZWMDRCakZFelhMOEw0TEF6ZmpSMEdKalhqZE8xOXRPMU90eG9QOTZkSFljYWVSVFVhNzJYRVkwZ1JpQ3p2UnArc1cyYUp3WUVpV2VDb3A4UlQ1dW5WaWJndUpZMGhRTE9BNXFFNGFmZDdmWCtUM3hnMEhXOWtLSVBpS05iNW5meXNIM1gwcTdTeDVNQ1ZxdDlCV3BVenpVejQ3OTNkQTFTR1IwWHJtTk1HRVBIZHZXczA4aXE3T3JJUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1710
content-length
567
expires
0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
.criteo.com/ Name: uid
Value: 0401d0e5-2eed-4537-8548-829a15656bbf
.doubleclick.net/ Name: IDE
Value: AHWqTUmdVHmSib2-h4FssFF0msuaUKSGvvrbR0uWA1g6ZGE2HeyZ23zwxyECx-g8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0