my.germany.ru Open in urlscan Pro
138.201.192.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mangola.strana.de/
Effective URL:
https://my.germany.ru/1356479
Submission: On February 12 via api (February 12th 2023, 6:04:01 pm UTC) from US — Scanned from DE

Summary HTTP 223 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 37 domains to perform 223 HTTP transactions. The main IP is 138.201.192.69, located in Apeldoorn, Netherlands and belongs to HETZNER-AS, DE. The main domain is my.germany.ru.
TLS certificate: Issued by R3 on January 23rd 2023. Valid for: 3 months.

This is the only time my.germany.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	188.40.142.195 188.40.142.195	24940 (HETZNER-AS) (HETZNER-AS)
3 36	138.201.192.69 138.201.192.69	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:6400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
5	75.2.86.129 75.2.86.129	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	3.120.61.63 3.120.61.63	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	35.181.77.138 35.181.77.138	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	13.42.68.116 13.42.68.116	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2600:9000:211... 2600:9000:211a:2000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.94.30 18.156.94.30	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.135.89 35.156.135.89	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.29 13.224.189.29	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	18.169.219.247 18.169.219.247	16509 (AMAZON-02) (AMAZON-02)
223	45

6 188.40.142.195 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: pxb.germany.ru

mangola.strana.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ttn.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 138.201.192.69 (Apeldoorn, Netherlands) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: pxc.germany.ru

www.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:6400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 75.2.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.61.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-61-63.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.181.77.138 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com

cs.mytheresa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mix-phoenix.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.68.116 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:2000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.94.30 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-94-30.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.89 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-29.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.219.247 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	1 MB
41	criteo.net static.criteo.net — Cisco Umbrella Rank: 644 pix.eu.criteo.net — Cisco Umbrella Rank: 8321 csm.eu.criteo.net — Cisco Umbrella Rank: 8358	715 KB
40	germany.ru 3 redirects www.germany.ru my.germany.ru tt.germany.ru ttn.germany.ru h.germany.ru	293 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	39 KB
10	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	4 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 33148 hal900017.redintelligence.net — Cisco Umbrella Rank: 335177	34 KB
8	adscale.de js.adscale.de — Cisco Umbrella Rank: 6416 gaa.adscale.de — Cisco Umbrella Rank: 167484 ih.adscale.de — Cisco Umbrella Rank: 3298	18 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15294 ads.eu.criteo.com — Cisco Umbrella Rank: 8309 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 12307	105 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6186 adservice.google.de — Cisco Umbrella Rank: 8804	1 KB
5	gstatic.com fonts.gstatic.com	190 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4346 pixel.mathtag.com — Cisco Umbrella Rank: 969	3 KB
4	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 842	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2460	20 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15842 api.webgains.io — Cisco Umbrella Rank: 50110	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 49281 medialead.de — Cisco Umbrella Rank: 48821	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	144 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278	800 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2296	795 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4901	646 B
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 117431	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	10 KB
2	mytheresa.com 1 redirects cs.mytheresa.com — Cisco Umbrella Rank: 28221	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	116 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 694	96 KB
2	strana.de 2 redirects mangola.strana.de	468 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47058	3 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 711	437 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 607	191 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 741	716 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 110908	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39435	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 207404	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 146211	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 49882	629 B
1	commander1.com 1 redirects mix-phoenix.commander1.com — Cisco Umbrella Rank: 71945	1 KB
223	37

	Domain	Requested by
33	pagead2.googlesyndication.com	my.germany.ru pagead2.googlesyndication.com js.adscale.de tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	tt.germany.ru	my.germany.ru
19	static.criteo.net	ads.eu.criteo.com
18	pix.eu.criteo.net	ads.eu.criteo.com
18	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net my.germany.ru
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.google.com	my.germany.ru tpc.googlesyndication.com googleads.g.doubleclick.net
6	h.germany.ru	my.germany.ru h.germany.ru
5	gaa.adscale.de	js.adscale.de
5	fonts.gstatic.com	fonts.googleapis.com
4	hal900017.redintelligence.net	hal9000.redintelligence.net hal900017.redintelligence.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	hal9000.redintelligence.net	my.germany.ru hal900017.redintelligence.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	partner.googleadservices.com	pagead2.googlesyndication.com
4	ttn.germany.ru	my.germany.ru
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cs.mytheresa.com	1 redirects ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	my.germany.ru www.google-analytics.com
2	js.adscale.de	my.germany.ru js.adscale.de
2	www.googletagmanager.com	my.germany.ru adv.office-partner.de
2	fonts.googleapis.com	my.germany.ru hal900017.redintelligence.net
2	code.jquery.com	my.germany.ru
2	my.germany.ru	1 redirects
2	www.germany.ru	2 redirects
2	mangola.strana.de	2 redirects
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	s.ad.smaato.net	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	my.germany.ru
1	futalis.de	hal900017.redintelligence.net
1	adv.office-partner.de	hal900017.redintelligence.net
1	pb.media01.eu	hal900017.redintelligence.net
1	mix-phoenix.commander1.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	www.google.de	my.germany.ru
1	ih.adscale.de	js.adscale.de
1	stats.g.doubleclick.net	www.google-analytics.com
223	57

This site contains links to these domains. Also see Links.

Domain
help.germany.ru
www.germany.ru
foren.germany.ru
mangola.germany.ru
katalog.germany.ru

Subject Issuer	Validity	Valid
*.germany.ru R3	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.adscale.de Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.futalis.de R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://my.germany.ru/1356479
Frame ID: D5C4984447BC1B3F7DF9539B664F2FBF
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: B06F363A8F20C14A079D339D06F92A83
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 95322B9B089F5824EDDC29A429348C3F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A8F374C99A9F638ABB3AA77BC208807E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A4A96B6CBD329761786DBA46C4B72375
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: D545DBC78D3FF9F6E6EBB00ACFCA683E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 36B9BF94444DABE3AA78D0453A69BBF8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=2373185778&lmt=1676225034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C308x540_r&format=0x0&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034572&bpp=3&bdt=126&idt=231&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&nras=1&correlator=616708576777&frm=23&ife=1&pv=2&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1491244668&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44773810%2C44759927%2C31072227%2C31072258%2C31072272%2C31072287&oid=2&pvsid=3440890330699800&tmod=1820146636&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.oul4tqfqnsf&fsb=1&dtd=279
Frame ID: 89698E9B8DC371EFD744F09E833445B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=100&slotname=8174686189&adk=3660800153&adf=3279755396&pi=t.ma~as.8174686189&w=480&lmt=1676225034&format=480x100&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034575&bpp=2&bdt=129&idt=282&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1491244668&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44773810%2C44759927%2C31072227%2C31072258%2C31072272%2C31072287&oid=2&pvsid=3440890330699800&tmod=1820146636&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.oasx3zunnhci&fsb=1&dtd=288
Frame ID: 6B382E38D1DC8AFC2429CB86DF85C825
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=600&slotname=7588654406&adk=2245745956&adf=3279755401&pi=t.ma~as.7588654406&w=300&lmt=1676225034&format=300x600&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034680&bpp=3&bdt=189&idt=223&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1323094820&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1290&ady=378&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072224%2C44779793%2C31071662&oid=2&pvsid=1592943485690680&tmod=717085120&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a2qd127d2vju&fsb=1&dtd=246
Frame ID: F698BBB0A03FF9D775449EBA3E13FF73
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755400&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&lmt=1676225034&rafmt=1&format=970x280&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034711&bpp=7&bdt=199&idt=240&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=522534685&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=689&biw=1600&bih=1200&isw=970&ish=0&ifk=232895196&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31071756%2C31072272%2C31072288%2C44779793&oid=2&pvsid=645908094534508&tmod=116735299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.e9y3lm44tm8n&fsb=1&dtd=258
Frame ID: B9922FDF8AE2E614281A35EBFBAE23A2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Frame ID: 8A86B20FE7AFDA6FBE8DC4D2F7431E7E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A7A6200773F8CEDDDF22E1E644C53E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C71A376EA12B561FFE614A44CA520120
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCgAO-OMKwk2GAAK19Mq9Po7TjqT1FAGkfQ&u=%7CLGGW%2BsZ4wbrbdUmaI2V5LyFKdylForb8yNCPxpgagMw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocZuB6_pyCnVlqYd0wtap9CR5l2r8vxpr7NKO6nOB3fJSYDPKY-PrINStzgLy8sRvxq9HBwibteztoqclbsM8OakhTL3NoPVNRXu7DYIyKx6H6lTzBNItlm9RkrDo44IAY9zqovp6-JrnihiAFoxqlqq0_k6gasKIJhkK_mOCvhB-kUM2c-VB9GkrCykohgEqOEQlagoSDrvFm59mlgNKcun-UvtGYfop_QnjdPKbg-jWpuHThGR6yW_8wCJvySEbYlBhM0SL3dyWJ4CmaLN39GO-2hv3pWM6ISANKglVZVUz-bidIwocyViaIGeXlL9L1V4zj0ZtgriKxtFL3HGgc0QUEVzhmWed9bZRcvatlKwdfImO9E-87AUvck1un_eMUhU20C8HWpVSkv2OyYfqusFO4oPAsXVm-aLdrwpg27o-d9PXpv3srmdBI1h_Eazwl7dv7W7YAxlfjKQ48JKH8lgo3UogkEuLq6REIkWByCaw15Lp8Np_GxMi3GeZLfmjsbpKM96Whd9zfAI4zt2Od1aB-Tr1knc2ROQSkTWhhR7PFdPa6B4zZyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlfhCirpY-PxO4abiQb064qoAcme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AfEuFkTNIAzBx9XrycNyswZvXEQGEKz-vxbYp2BWFrqk_smHgLEUe3ukZWMYz5to3CJ14hgPFYvtnAIS6muy6zc7kE_UojT5qioQ02Q1hwGtqs6QrSlas9zw71jyqJnP7sDE9woRKtF0H9yJvryC-cclk3WnhydIxSiL52xTmgaMTrSvXRr6TYwsyJsxxBGCShAPcdh5ElmDVfEt1E0ZA3FvUz6PPnIzHeoHD13PP2YIAGi76M3cCuk9raAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1hALhvOsyXwjFqP7O4Nlxa3t3MDA%26client%3Dca-pub-2481787217439354%26adurl%3D
Frame ID: 98BC018C74674CFD3C259744DF0F6683
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D22966FCD25E7C8CB1740FE92FEFDB4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE4C62C17395B024A9D101E6DFACDAE2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1B29889EFD39ECC117584BDB7D944F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1D5DB1AD5235D976BDAC87134E46012
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCwAAZCsKwlKtAAwHGgVwlz2uYrkz1DzMJQ&u=%7CLGGW%2BsZ4wbpefxfgy1A1rn8%2FwgdzWevAf8z7SahP7Sg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANf6ytq6cQxVnh9dES0_04hNaaUtAKgxz4DOK-6QdKLguKeI6vKkVpbxQR-quVPBEIMRqJWAAE7VOn6RwA_qs7bL4UTbbdp3gD7K0uKQ4NyH-ZJWVliKUMMn5-vmobq69qpSNJhrCk_6b-xcRhdXLU5DYOG7bi-USv5S58rrDmjRcUJ0AKy8yXyFLwBpehnZyoDK-8--Sz5b86g8EHko7dJAiU6tY0EGyGnYok6gMaR09ZYvHdEQEBYfryu4xgdfSOE49FB_kKEGt84QjnRKl7_L5AK7krZ7w7mlwRRYuJCFzqQrV5J9VLRkhfw1i0cpG0v4AnVAjKonM749-_nGdRawtxDukn2ZIh3mXmO0Vs4H0zR43z-CQjZ7yCeAK1DnQThMaYMZcU2ArbYM29ZNh2V2nIZyjq_UXKWt1N1-sVEmCUfCByZj34vWLke2Rpi0TRV61NSYBuN6sIrpKK1BVMFTQMzObZnREXvI2HWUUmX0qqJSQh_6oe4A2U74kPlS1g7LAV3jxirUmxMrhndHo6HzBclOWesYtdsISwnOIIk5OTeVLu3OLKUE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyd3qCyrpY6vIAa2liQaajrDIB8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AvUKJF2JOBWj4CuPCIJz8RHHuwh-2rLnxbiXhjg8a15Gy4uNcy0o-5AW-MjnA7AdQfbb5wOMvZ5PUYhV7sFAv1LcF_udpFESofTDhEnkDqGBlNQJaCesNKqIY5MTHZcfrZD5DJW9vm5ZCJeVOotVejiNrNtVVjINe25XqSfLua6D0Xtvmglf1CbmivehVhO0wUz92z5em3mnW2izxMQgKte3KhxPwtzHPwkyLrj3efqoAG87iU5Mv6z4f6AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wunzBVF9w_66UrMmGsVvNOWd2_g%26client%3Dca-pub-2481787217439354%26adurl%3D
Frame ID: 1BE51BED093309AA53059C59874828C2
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 331CA0BB7203328FE912E8FA357AC859
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D87411862720FC3799648EB021981D4
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25929400118688500951389012233017&actionid=981741&produktid=&dt_url=
Frame ID: 11EE1FEF3056A6E18DA93878BC82C152
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 9B815D297D5AD3722266A5F60C69EE9C
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815
Frame ID: 01A85DCE4A243815271CD41631770DE9
Requests: 2 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Frame ID: 90F5FFA870EE2EC5A24FEADA3C73F7B9
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 334A47B9D68F815CD38D9EB36A00C275
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mangola - Germany.ru

Page URL History Show full URLs

http://mangola.strana.de/ HTTP 302
http://mangola.strana.de/cgi/home.cgi HTTP 302
http://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola HTTP 301
https://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola HTTP 302
http://my.germany.ru/1356479 HTTP 301
https://my.germany.ru/1356479 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

223
Requests

96 %
HTTPS

50 %
IPv6

37
Domains

57
Subdomains

45
IPs

10
Countries

3063 kB
Transfer

7236 kB
Size

34
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://help.germany.ru/index.php?action=artikel&cat=5&id=160&artlang=ru
Title: Mehr Informationen

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/register.cgi
Title: Регистрация нового пользователя

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/guestbooktab.cgi?UserID=1356479
Title: Гостевая

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/loginssl.cgi
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://www.germany.ru/
Title: Germany.ru

Search URL Search Domain Scan URL

URL: https://foren.germany.ru/report.pl?UserID=1356479
Title: Пожаловаться на Mangola

Search URL Search Domain Scan URL

URL: https://mangola.germany.ru/
Title: https://mangola.germany.ru

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/showhoroskoptab.cgi?Number=1356479
Title: Дева

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/showchatstattab.cgi?Number=1356479
Title: 0

Search URL Search Domain Scan URL

URL: https://foren.germany.ru/dosearchuser.pl?UserID=1356479
Title: 0

Search URL Search Domain Scan URL

URL: https://help.germany.ru/
Title: Помощь

Search URL Search Domain Scan URL

URL: https://help.germany.ru/index.php?action=artikel&cat=5&id=160&artlang=ru&lang=russian
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://katalog.germany.ru/cgi-bin/discount/add.cgi
Title: Реклама на сайте

Search URL Search Domain Scan URL

URL: https://www.germany.ru/contact.html
Title: Контакт

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=9&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: HOT

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=999&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Yellow

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=1&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Blue

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=3&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Matrix

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=4&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Camomile

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=5&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Nostalgie

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=6&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Sea

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=10&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Lilac

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=11&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Pen

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=12&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Khaki

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=13&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Night

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=14&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Tiger

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=17&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Зима

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/changeskin.cgi?skin=18&link=https%3A%2F%2Fmy.germany.ru%2Fcgi-bin%2Fmy%2Fshowprofile_my.cgi%3FUser%3D1356479
Title: Xmas

Search URL Search Domain Scan URL

URL: https://www.germany.ru/cgi-bin/portal/skinselect.cgi
Title: Еще

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mangola.strana.de/ HTTP 302
http://mangola.strana.de/cgi/home.cgi HTTP 302
http://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola HTTP 301
https://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola HTTP 302
http://my.germany.ru/1356479 HTTP 301
https://my.germany.ru/1356479 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent= HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent= HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=2023021219035510879533057&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=

Request Chain 187

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25929400118688500951389012233017&actionid=981741&produktid=&dt_url=

Request Chain 189

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=25929400118688500951389012233017&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815

Request Chain 192

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 202

https://um.simpli.fi/gp_match?google_gid=CAESEL2yJ14nv0304BVmRfCgn-c&google_cver=1&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RVQnWqzcIHuiUv9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8ADC7F90E83F4EE7B49CB97693D39E5B&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RVQnWqzcIHuiUv9

Request Chain 204

https://d5p.de17a.com/cookies/google?google_gid=CAESEPRbj9q9bEZyNdUi-SJDObg&google_cver=1&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPRbj9q9bEZyNdUi-SJDObg&google_cver=1&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD

Request Chain 205

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAHToMyYR2CV4adHxHl1-XA&google_cver=1&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBpnTfkbp2VYK0S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBpnTfkbp2VYK0S

Request Chain 206

https://match.360yield.com/match/ebda?google_gid=CAESENIf6NA5f5FqJhGMFLgtuPY&google_cver=1&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUwTDwz1QIg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENIf6NA5f5FqJhGMFLgtuPY&google_cver=1&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUwTDwz1QIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hvW_otKaT7OfJiWdld02vw&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUwTDwz1QIg

Request Chain 207

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMMPUFyaot638DDAVwyXjmw&google_cver=1&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq3GNYZ13_KpmqJdxa2P3PLpTQlRSEM HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMMPUFyaot638DDAVwyXjmw&google_cver=1&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq3GNYZ13_KpmqJdxa2P3PLpTQlRSEM&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xNndtTW94RTJ1RWZfMURtSmtmSXpOYzVBaThYS0gxen5B&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq3GNYZ13_KpmqJdxa2P3PLpTQlRSEM

Request Chain 208

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBph-KA0zk8D7FfYPjnGC_U&google_cver=1&google_push=Aa02lx9nghXYV9qPj-LbJ1qx-yqX-fpi7cT4jfwg9Q9Tv0vMnHLoKjejTtmw7WOXYcqQKd2wiEgxuJAFR3SMp5NgPr-qlv0FgzmxWZU HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBph-KA0zk8D7FfYPjnGC_U&google_cver=1&google_push=Aa02lx9nghXYV9qPj-LbJ1qx-yqX-fpi7cT4jfwg9Q9Tv0vMnHLoKjejTtmw7WOXYcqQKd2wiEgxuJAFR3SMp5NgPr-qlv0FgzmxWZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4d0a2809-db1b-41fd-ae53-dea2aaf20fdd&%%GOOGLE_PUSH_PAIR%%

223 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 1356479 Show response
my.germany.ru/
Redirect Chain

http://mangola.strana.de/
http://mangola.strana.de/cgi/home.cgi
http://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola
https://www.germany.ru/cgi-bin/portal/showprofile.cgi?User=Mangola
http://my.germany.ru/1356479
https://my.germany.ru/1356479

19 KB
5 KB

417ms
391ms

Document
text/html

138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 8422c8819355110736e326e8a4c974f3cba9b4c15cfe1fdfa562f020b659271c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 12 Feb 2023 18:03:53 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Sun, 12 Feb 2023 18:03:53 GMT
Location: https://my.germany.ru/1356479
Server: nginx/1.18.0

GET
H/1.1 200
OK germany_ru_common.css
tt.germany.ru/css/ 7 KB
3 KB 91ms
13ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/germany_ru_common.css
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7fd4b9696a19d1e8b521192f799bd2885a6943977005afd74d839503e1dcda6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK germany_ru_skin_mini.css
tt.germany.ru/css/ 12 KB
3 KB 90ms
12ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/germany_ru_skin_mini.css
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 9f3852b186cca1eb720e5988afd6173c8cc7025846381f7b723f84cb8dfefb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK basic.css
ttn.germany.ru/css/ 159 KB
47 KB 79ms
12ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/basic.css
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: e863b80083f3553afa2fe3cf46fd966d881365056e43908cbb42613ac91906b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2019 19:13:23 GMT
Server: nginx/1.7.10
ETag: W/"5caceed3-27ad5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK mini.css
ttn.germany.ru/css/ 14 KB
6 KB 79ms
13ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/mini.css
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: 7b1747bec52ea01f3de75a9201120dafe45b6a72734a87624cd5d5107afd2c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2016 14:20:19 GMT
Server: nginx/1.7.10
ETag: W/"5714ed23-3679"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK germany_ru_common.css
ttn.germany.ru/css/ 165 KB
53 KB 81ms
14ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/germany_ru_common.css?2
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: 3676c7e1de77b00773b81fa4ccf5bb1ddbc32f0c80e91303d7973dc7ac77321e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2019 17:42:14 GMT
Server: nginx/1.7.10
ETag: W/"5d35f576-2959b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK interactivetable.js Show response
tt.germany.ru/js/ 677 B
592 B 13ms
13ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/js/interactivetable.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 53168bac7c57cb3c8a748a4a9473c29799bd27c8ca0287b40dff75e01905f798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2007 12:00:03 GMT
Server: nginx/1.18.0
ETag: W/"462f42c3-2a5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 43ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1676225034.dop207.fr8.t,1676225034.cds129.fr8.hn,1676225034.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ 235 KB
63 KB 50ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-3ab2b"
vary: Accept-Encoding
x-hw: 1676225034.dop207.fr8.t,1676225034.cds129.fr8.hn,1676225034.cds159.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64296

GET
H/1.1 200
OK b.js Show response
h.germany.ru/abogat/r/ 0
319 B 72ms
12ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/b.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Tue, 27 Dec 2016 13:58:35 GMT
Server: nginx/1.18.0
ETag: "5862738b-0"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1017 B 68ms
29ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67d8f00d442f5c27bc4a9cd4d9a9414a7fc888124c49b78bee26719ecf92ce52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Feb 2023 18:03:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H/1.1 200
OK jquery.cookieBar.min.css
tt.germany.ru/css/ 3 KB
1 KB 88ms
11ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/jquery.cookieBar.min.css
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: cd3604873a59f3aa2958cc0547094e0b283d7f267a4594e704aaac6872c03e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK jquery.cookieBarG.min.js Show response
tt.germany.ru/js/ 5 KB
3 KB 90ms
13ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/js/jquery.cookieBarG.min.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7e5be3da581cb25ab7e553a7fc547508bd79de95435107484f24a8e9049d6c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Apr 2019 17:20:14 GMT
Server: nginx/1.18.0
ETag: W/"5cab82ce-14e1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 89ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00a40e4ac0b401477d09c9432475d9d5044a854bc4afe251bbc99483a20f3c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 144ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0608d892b555cefe4060c238303a8261673da704a7707808dd5d8af703792f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49610
x-xss-protection: 0
server: cafe
etag: 8548637399051544849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H2 200 getads.js Show response
js.adscale.de/ 25 KB
9 KB 72ms
8ms Script
application/javascript 2600:9000:21f3:6400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37c741a1dc667159251aca3d56bb63f4d7e624075f4fd1eede6068ed0104dc6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: OLenuF7vUxdzIARyLhdtZpo9Yfm2p1Gk
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
date: Sun, 12 Feb 2023 16:49:52 GMT
last-modified: Sun, 12 Feb 2023 12:49:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 4445
x-amz-server-side-encryption: AES256
etag: W/"4f301aee3d393a6f55621810b7e1c9b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200
x-amz-cf-id: J9HI_JgdXM98ALVJr8TcC4TXZwpqvqvjXfwJVSq73ioicZKiQ2gI5Q==

GET
H/1.1 200
OK x-track.cgi
h.germany.ru/cgi-bin/ 43 B
500 B 47ms
13ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.germany.ru/cgi-bin/x-track.cgi?sqthaDdNAxdrTg476504
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK user_profile_nophoto_female150.gif
tt.germany.ru/images/ 2 KB
3 KB 15ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/user_profile_nophoto_female150.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: c0a3d5e5cb50046cbdcfbe76c0c3b3bef8134d706d9d75e8e6bb3e1511030aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 07 Apr 2016 13:17:07 GMT
Server: nginx/1.18.0
ETag: "57065dd3-906"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2310
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK 0.gif
tt.germany.ru/images/yearicons/ 231 B
563 B 16ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/yearicons/0.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: d5ee82a3fc08cc41cbd860ad2f38d45bc309db3a19846c8c0e822743d6730f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Tue, 26 May 2009 11:27:04 GMT
Server: nginx/1.18.0
ETag: "4a1bd208-e7"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK germany_ru_16x16_status_female.gif
tt.germany.ru/images/ 630 B
963 B 16ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/germany_ru_16x16_status_female.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 2cdd5ac8a3c2e35476af241001b3e3f33bab75dedb3926aaaee71d71eeac0c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Mon, 26 Apr 2004 14:36:27 GMT
Server: nginx/1.18.0
ETag: "408d1e6b-276"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 630
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK virgo.gif
tt.germany.ru/images/horo/ 438 B
771 B 16ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/horo/virgo.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 5aa346301f5ffcad8db21102cad33892f9f107b209b1d0c08df861b6c8cfb8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Fri, 06 Apr 2007 11:52:40 GMT
Server: nginx/1.18.0
ETag: "46163488-1b6"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 438
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_mini.gif
tt.germany.ru/images/ 108 B
440 B 28ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_mini.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 3ea71896c74dc9df5844e6eafc42d49534c6e0e05ac3d35a1a105613a8b09324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 31 Mar 2005 15:30:16 GMT
Server: nginx/1.18.0
ETag: "424c1788-6c"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_sunny.gif
tt.germany.ru/images/ 162 B
494 B 28ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_sunny.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: ea6df1376bc8f578fac029fc5b4a5606d64e45150165e4026087df1afd29eeb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Sun, 01 May 2005 06:02:21 GMT
Server: nginx/1.18.0
ETag: "427470ed-a2"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 162
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_yellow.gif
tt.germany.ru/images/ 87 B
418 B 12ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_yellow.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 18d16743f29e1d988af192e45168077fa66d1c6bd25614ffc69b52fac81ea9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Tue, 29 Mar 2005 11:59:40 GMT
Server: nginx/1.18.0
ETag: "4249432c-57"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_blue.gif
tt.germany.ru/images/ 87 B
418 B 13ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_blue.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 702ee4eac991f18ce23e0784a03fa1663abf0f17ae76e83ddb049851c58173ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Tue, 29 Mar 2005 11:59:37 GMT
Server: nginx/1.18.0
ETag: "42494329-57"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_mini_on.gif
tt.germany.ru/images/ 120 B
452 B 20ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_mini_on.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 4530759d970509ac35adaf25a108d10293ffc00185266279d499278b0744c77a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 31 Mar 2005 15:29:04 GMT
Server: nginx/1.18.0
ETag: "424c1740-78"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_matrix.gif
tt.germany.ru/images/ 248 B
580 B 20ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_matrix.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 19b6345ef6f44bf3aab769ac231d4097e169bc3383c98e9e38e32816f2185f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Wed, 30 Mar 2005 15:04:36 GMT
Server: nginx/1.18.0
ETag: "424ac004-f8"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_camomile.gif
tt.germany.ru/images/ 571 B
904 B 12ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_camomile.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: d621b11566f77cc82fdb433e6042b35e0b401edad822755f6c3085d4534b8a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 31 Mar 2005 15:29:04 GMT
Server: nginx/1.18.0
ETag: "424c1740-23b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 571
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_nostalgie.gif
tt.germany.ru/images/ 113 B
445 B 13ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_nostalgie.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 72eb25e65a6cf11914e57ac9c72a128f144c193f2c21f75198e896e26a99c4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:30 GMT
Server: nginx/1.18.0
ETag: "426c58da-71"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_sea.gif
tt.germany.ru/images/ 367 B
700 B 14ms
13ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_sea.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 132ae0a59d120b8eecc5def619efcdeb715fc5b003c927aaf37bddcccff96cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:29 GMT
Server: nginx/1.18.0
ETag: "426c58d9-16f"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 367
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_lilac.gif
tt.germany.ru/images/ 130 B
462 B 14ms
13ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_lilac.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 966adf353f5e4d8bc10f941bbb2e7daaf891dec113ba491dc5d435a20d2823fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Sun, 01 May 2005 06:02:22 GMT
Server: nginx/1.18.0
ETag: "427470ee-82"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_pen.gif
tt.germany.ru/images/ 107 B
439 B 11ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_pen.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 2dd9e534b405733ef3eaef91bf0d4700c507b5a1dc694dad61f3d8f27ec44b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:56 GMT
Server: nginx/1.18.0
ETag: "42cd1aa4-6b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_khaki.gif
tt.germany.ru/images/ 570 B
903 B 12ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_khaki.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: e08ecb85f947fd5f442332879a817ba5a3a645bee8ea7a3f39212348e50d97e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:53 GMT
Server: nginx/1.18.0
ETag: "42cd1aa1-23a"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_night.gif
tt.germany.ru/images/ 562 B
895 B 12ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_night.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: df0afbcac71eda0e189a2b70c5241beae9d0e990074727542cb05a93650fb6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:46 GMT
Server: nginx/1.18.0
ETag: "42cd1a9a-232"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_tiger.gif
tt.germany.ru/images/ 250 B
582 B 12ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_tiger.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7623e3dabbcb4918185bdefe006d9ff2266b24d2bb244d97522df6d806f2832e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Sat, 09 Jul 2005 12:09:32 GMT
Server: nginx/1.18.0
ETag: "42cfbe7c-fa"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 250
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_winter.gif
tt.germany.ru/images/ 240 B
572 B 11ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_winter.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 280f628fd9d0a6f780202257be7609d26865d9d61e9b9780be63169f2ebe1525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Sun, 11 Dec 2005 04:29:33 GMT
Server: nginx/1.18.0
ETag: "439bab2d-f0"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK skinswitch_xmas.gif
tt.germany.ru/images/ 260 B
593 B 13ms
12ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_xmas.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: a377d904d0302671c6f45af9c57876759f5aa839266aee95515a3b1ceb17ee5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Sun, 11 Dec 2005 04:29:35 GMT
Server: nginx/1.18.0
ETag: "439bab2f-104"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK 1.gif
tt.germany.ru/images/ 43 B
374 B 11ms
11ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/1.gif
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:33 GMT
Server: nginx/1.18.0
ETag: "426c58dd-2b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK g2.min.js Show response
ttn.germany.ru/assets/ 134 KB
47 KB 13ms
13ms Script
application/javascript 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/assets/g2.min.js?4
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: d9b8557c16ce78263c0cf25baef1e2e59956692bb26b55a0f1bcb7504ef8066a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 16:52:09 GMT
Server: nginx/1.7.10
ETag: W/"5acb9a39-218a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK r.js Show response
h.germany.ru/abogat/r/ 776 B
739 B 17ms
11ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/r.js
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 827dfa5823a7da58bf9e8d3277f40011f2afed7fcc2f1a2e0ace062d9d6a3e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Dec 2015 19:43:33 GMT
Server: nginx/1.18.0
ETag: W/"567c4ae5-308"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 16:13:14 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6640
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Feb 2023 18:13:14 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
30 KB 110ms
31ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:42:27 GMT
x-content-type-options: nosniff
age: 163287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 20:42:27 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 139ms
60ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:09 GMT
x-content-type-options: nosniff
age: 441765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:21:09 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 180ms
104ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 04:37:37 GMT
x-content-type-options: nosniff
age: 134777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 04:37:37 GMT

GET
H2 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 42 KB
42 KB 153ms
79ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 23:26:43 GMT
x-content-type-options: nosniff
age: 412631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42500
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:26:43 GMT

GET
DATA 200
OK truncated
/ 808 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c18882a8a5fc37c7b487e11ef1d0f04bbec8df9f5001cac32630b0395f291612

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6340047533842f4a5c575d504d8463d80845aabcf8086a0763c1c0571dc33f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 157ms
93ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:53:30 GMT
x-content-type-options: nosniff
age: 180624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:53:30 GMT

GET
H2 200 impr Show response
gaa.adscale.de/ 533 B
871 B 163ms
102ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzI5Yzgw&nu=0&t=1676225034253&ssl=1&pos=above&ws=https%3A%2F%2Fmy.germany.ru%2F1356479&uuid=14c5c4e9-70dd-48ba-b7bf-3bd5cb437a5b
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 4398ea7291a151cbd8392b8b5b6862b9ae3d3efd1a63964b6e130b10343c02c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Sun, 12 Feb 2023 18:03:54 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 533
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 665 B
1005 B 134ms
84ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzQ2YzAw&nu=0&t=1676225034259&ssl=1&pos=above&ws=https%3A%2F%2Fmy.germany.ru%2F1356479&uuid=0c3d6587-3296-4837-99ba-f1ad98506645
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 51b3f24d652233d69d0c9e69da3d1173f5d5bff754103d062259fc0fdafa399e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Sun, 12 Feb 2023 18:03:54 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 665
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 497 B
835 B 152ms
103ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YmRiYmMw&nu=0&t=1676225034260&ssl=1&pos=above&ws=https%3A%2F%2Fmy.germany.ru%2F1356479&uuid=bfb892f8-8a7d-4596-bc72-56b51e56124e
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: e4ba2238535ca1feb169b4d57ab6ec11d3d6e0c3309aa57e59866cea43259e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Sun, 12 Feb 2023 18:03:54 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 497
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 549 B
887 B 202ms
153ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YmRkNWMw&nu=0&t=1676225034261&ssl=1&pos=above&ws=https%3A%2F%2Fmy.germany.ru%2F1356479&uuid=b61844c2-fdb7-4306-9765-46a374eda473
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: ec836978f5b8719542d7769820f0f3c6d3b03bdfbb4fcc68d7401bc8fabe83ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Sun, 12 Feb 2023 18:03:54 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 549
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 547 B
885 B 139ms
90ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzYzNTQw&nu=0&t=1676225034262&ssl=1&pos=above&ws=https%3A%2F%2Fmy.germany.ru%2F1356479&uuid=745ce68a-4133-498b-a209-23cbc0f971a3
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: c6c5a0858c896086bade97776b401d28b9001003c07df729c04ff4c805c81ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Sun, 12 Feb 2023 18:03:54 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 547
content-type: text/javascript

GET
H/1.1 200
OK lib.js Show response
h.germany.ru/abogat/r/ 8 KB
3 KB 13ms
13ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/lib.js
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: d6395ae2c5192b156c0ad3a09d9f18f667d5637e590787feaf8f53d90587ef71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2015 21:11:47 GMT
Server: nginx/1.18.0
ETag: W/"5669ea93-20f0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK redactor.css
h.germany.ru/abogat/r/ 50 KB
21 KB 14ms
12ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/redactor.css
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 53029bd52ce68ef409d482286ed118409ad98821ad52ca971da9f98103821312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2016 19:41:15 GMT
Server: nginx/1.18.0
ETag: W/"5862c3db-c672"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

GET
H/1.1 200
OK redactor.js Show response
h.germany.ru/abogat/r/ 331 KB
85 KB 25ms
24ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/redactor.js
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 Apeldoorn, Netherlands, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 85dac06246c41e07cf74291618cb28e5b31a03fb2b7279368e85e8a931eb3a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 May 2018 18:34:11 GMT
Server: nginx/1.18.0
ETag: W/"5afb2823-52c82"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Mar 2023 18:03:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 21ms
21ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1885137553&t=pageview&_s=1&dl=https%3A%2F%2Fmy.germany.ru%2F1356479&ul=en-us&de=UTF-8&dt=Mangola%20-%20Germany.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1324210656&gjid=1051230464&cid=2002525937.1676225034&tid=UA-859178-1&_gid=1308761290.1676225034&_r=1&_slc=1&z=1792557294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.germany.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 121ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TP4BKXBP5N&gtm=45je3280&_p=1885137553&cid=2002525937.1676225034&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676225034&sct=1&seg=0&dl=https%3A%2F%2Fmy.germany.ru%2F1356479&dt=Mangola%20-%20Germany.ru&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/ 362 KB
119 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru&bust=31072271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2f686b3f894543e047002a16feede7d5f492e024199cdc26d1f0fd9e61c4373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121790
x-xss-protection: 0
server: cafe
etag: 2935657470590962321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame B06F 10 KB
5 KB 55ms
16ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:33:11 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 21:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 userconnect.js Show response
js.adscale.de/ 11 KB
4 KB 11ms
10ms Script
application/javascript 2600:9000:21f3:6400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: F1WLFslisf0rmwZuquiIwonyguD1GNFS
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
date: Sun, 12 Feb 2023 16:49:50 GMT
last-modified: Sun, 12 Feb 2023 12:49:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 4445
x-amz-server-side-encryption: AES256
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200
x-amz-cf-id: SylOwmV4IzKC_WfHpi-vVWPayes9wCw_3ZIyeNQyWLn22RiKc59kWQ==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9532 143 KB
48 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed1f3f185ce30c053aa9d7e8420a5360cf8fe9b48f0164ddc7359f836498a1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49606
x-xss-protection: 0
server: cafe
etag: 6309690130712630683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9532 143 KB
48 KB 97ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2481787217439354

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a0c7b9202d89402f14f6858a6d6ad6f75cad44bb6de80a0ab250ad2b7ef2e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Origin: https://my.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49623
x-xss-protection: 0
server: cafe
etag: 11304758631496182004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A8F3 143 KB
48 KB 167ms
166ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b2f393d84a1ccf3661f64d86c69ecbe7fc5bfe2a7cb0669139c5f98403f71a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49586
x-xss-protection: 0
server: cafe
etag: 9955632448149702716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A4A9 143 KB
48 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bd38800c6cd48e26d7b8befa66b4652795ed59956f799260765a7add9a4fc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49588
x-xss-protection: 0
server: cafe
etag: 4421947663678216748
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D545 143 KB
48 KB 139ms
139ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421ca725a49e2f08831dda6f2e2ac9db80de5c37f6b3b4f5c4c7d9051cf12c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: cafe
etag: 4816279914599640946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-859178-1&cid=2002525937.1676225034&jid=1324210656&gjid=1051230464&_gid=1308761290.1676225034&_u=IEBAAEAAAAAAACAAI~&z=317366981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.germany.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Feb 2023 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userconnect Show response
ih.adscale.de/ 23 B
98 B 50ms
8ms Script
application/javascript 3.120.61.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=YmRiYmMw&cbfn=stroeerCoreConnect&ts=1676225034504&umd=false&gdpr_err=CMP_CALL_FAILED
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.61.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-61-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f41460caba986527812bbc0aca59a5991e94c63ad31c613f8a60658bbd0ce727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-length: 23
content-type: application/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 36B9 143 KB
48 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac717aea7177fa17d3f2801da41de443db7113d4645e6cc7fb1ecec7cd08ba5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49601
x-xss-protection: 0
server: cafe
etag: 7620850687384326136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ Frame 9532 365 KB
120 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru&bust=31072272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602bebccd3f9cac9e53280a9cbe665893556da58bd6cdb536cf1d4114377a86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122941
x-xss-protection: 0
server: cafe
etag: 7025390013186360212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 92ms
52ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-859178-1&cid=2002525937.1676225034&jid=1324210656&_u=IEBAAEAAAAAAACAAI~&z=1901590201

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 90ms
52ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-859178-1&cid=2002525937.1676225034&jid=1324210656&_u=IEBAAEAAAAAAACAAI~&z=1901590201

Requested by

Host: my.germany.ru
URL: https://my.germany.ru/1356479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe&e=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru&bust=31072271

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ Frame D545 362 KB
119 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5b7c5405a82a32e59de1283a2569a44698c084f5c0a6da0e5f59936a970174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121759
x-xss-protection: 0
server: cafe
etag: 8307527425110955272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ Frame A8F3 362 KB
119 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

122e4507eed63f7201504f03fdf66194c3de110ed887824df649584e66d0fb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121759
x-xss-protection: 0
server: cafe
etag: 16308391100142992445
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ Frame 36B9 365 KB
120 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru&bust=31072272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7fd6a2dfb48b58ef68d24b0309e1e34ede3262dca1f93c9f5c4aa5ce0bde3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122938
x-xss-protection: 0
server: cafe
etag: 4126639391980773331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ Frame A4A9 362 KB
119 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1288ecd2fa4fd5062c109f2037c1e40427cbaaaa98d6d6dec005435d7744a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121759
x-xss-protection: 0
server: cafe
etag: 4997190964651599480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9532 387 B
603 B 116ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=my.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru&bust=31072272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1d0de10a344b5e0f0dac7bc76c5afcafdd997a6fb996c5f3dc2157512e713f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9532 107 B
531 B 108ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9532 107 B
456 B 88ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8969 0
173 B 231ms
228ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=2373185778&lmt=1676225034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x540_l%7C308x540_r&format=0x0&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034572&bpp=3&bdt=126&idt=231&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&nras=1&correlator=616708576777&frm=23&ife=1&pv=2&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1491244668&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44773810%2C44759927%2C31072227%2C31072258%2C31072272%2C31072287&oid=2&pvsid=3440890330699800&tmod=1820146636&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.oul4tqfqnsf&fsb=1&dtd=279

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9532 14 KB
11 KB 64ms
62ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

162974afde6c5452587d6eee6a4d2481e0716788fcd049409498a0aba56dd99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11033
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B38 436 B
410 B 132ms
131ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=100&slotname=8174686189&adk=3660800153&adf=3279755396&pi=t.ma~as.8174686189&w=480&lmt=1676225034&format=480x100&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034575&bpp=2&bdt=129&idt=282&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1491244668&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44773810%2C44759927%2C31072227%2C31072258%2C31072272%2C31072287&oid=2&pvsid=3440890330699800&tmod=1820146636&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.oasx3zunnhci&fsb=1&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

003a64d89205d1628cdfd77f36463c6b24afff7cd75f4a0dfd855dd896b62164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:54 GMT
expires: Sun, 12 Feb 2023 18:03:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D545 387 B
317 B 36ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=my.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2481787217439354&plah=my.germany.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

525ca152cdde9c1b9d266a5aafbf40510b32f4e5140c69d0019da321942185e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D545 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D545 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F698 23 KB
10 KB 205ms
204ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=600&slotname=7588654406&adk=2245745956&adf=3279755401&pi=t.ma~as.7588654406&w=300&lmt=1676225034&format=300x600&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034680&bpp=3&bdt=189&idt=223&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1323094820&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1290&ady=378&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072224%2C44779793%2C31071662&oid=2&pvsid=1592943485690680&tmod=717085120&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a2qd127d2vju&fsb=1&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eafef8685817920107164084a7f051cc733c8371cd4f227f361431a0c3e4318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D545 14 KB
11 KB 63ms
62ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d5abd346cb3c925246ac85610c6d5629ba9f30a13b02b041718d1da9dc7b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11150
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9532 17 KB
7 KB 187ms
79ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 36B9 387 B
318 B 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=my.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f09f09f1a14aff15310438bdda8a7c26ca04caa12e305b665d5e48cc2253f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 36B9 107 B
165 B 25ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 36B9 107 B
165 B 279ms
279ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B992 23 KB
10 KB 234ms
233ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755400&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&lmt=1676225034&rafmt=1&format=970x280&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034711&bpp=7&bdt=199&idt=240&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=522534685&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=689&biw=1600&bih=1200&isw=970&ish=0&ifk=232895196&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31071756%2C31072272%2C31072288%2C44779793&oid=2&pvsid=645908094534508&tmod=116735299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.e9y3lm44tm8n&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6dee35a827763ee17121e5ff05a8cd36ae4c50525f0bfcb5b83364a446db96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10008
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 36B9 14 KB
11 KB 59ms
59ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfb80903aef5fd75e90d6af0538115bd5d2b524fc17e6fffc1e995e86e85f13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11182
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D545 17 KB
6 KB 183ms
140ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A4A9 12 B
53 B 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=my.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame A4A9 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A4A9 107 B
122 B 210ms
210ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A86 26 KB
12 KB 256ms
255ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731f1eb40315f0eb7928b43f3476f7b24896247ca790899fff074d2f1f633ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A4A9 14 KB
11 KB 59ms
59ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fe97e8d84a38b830d49111a32dde043021d93cd2c70b2373a862b2f99847183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11191
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 36B9 17 KB
6 KB 129ms
129ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A4A9 17 KB
6 KB 135ms
135ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A7A 13 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C71A 783 B
965 B 30ms
24ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75984ff0b46d9fbe73e2ae13058996eb6d1372effebe7e42f670abc490adf152

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_VopEZoHGLosmiDF2Xraog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-_VopEZoHGLosmiDF2Xraog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F698 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=600&slotname=7588654406&adk=2245745956&adf=3279755401&pi=t.ma~as.7588654406&w=300&lmt=1676225034&format=300x600&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034680&bpp=3&bdt=189&idt=223&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1323094820&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1290&ady=378&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072224%2C44779793%2C31071662&oid=2&pvsid=1592943485690680&tmod=717085120&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a2qd127d2vju&fsb=1&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F698 18 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F698 156 KB
48 KB 126ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F698 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBbk-CirpY-PxO4abiQb064qoAcme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBK8BT9AfEuFkTNIAzBx9XrycNyswZvXEQGEKz-vxbYp2BWFrqk_smHgLEUe3ukZWMYz5to3CJ14hgPFYvtnAIS6muy6zc7kE_UojT5qioQ02Q1hwGtqs6QrSlas9zw71jyqJnP7sDE9woRKtF0H9yJvryC-cclk3WnhydIxSiL52xTmgaMTrSvXRr6SawO0bNJPdC5s9FFTNujfdkSFVpNdqyRKD3siVGkz5DylbCvTmY4AGi76M3cCuk9raAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjQ4MTc4NzIxNzQzOTM1NBgA&sigh=CmfMQToDuoo&uach_m=[UACH]&cid=CAQSGwDUE5ymufw8XLmIkVXgpU749xjFuopQxnemIRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=600&slotname=7588654406&adk=2245745956&adf=3279755401&pi=t.ma~as.7588654406&w=300&lmt=1676225034&format=300x600&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034680&bpp=3&bdt=189&idt=223&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1323094820&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1290&ady=378&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072224%2C44779793%2C31071662&oid=2&pvsid=1592943485690680&tmod=717085120&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a2qd127d2vju&fsb=1&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Feb 2023 18:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H2 204 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F698 0
0 512ms
23ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kODuEt-BMKwC2ASdg2ICAgAAAC4wqN62E9vuEAoq6WM8pV8TZdL2t7Zr6QASAAAKDkFRVVJCUVlCQlFFQkJR&wp=Y-kqCgAO-OMKwk2GAAK19Mq9Po7TjqT1FAGkfQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 98BC 249 KB
63 KB 394ms
159ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCgAO-OMKwk2GAAK19Mq9Po7TjqT1FAGkfQ&u=%7CLGGW%2BsZ4wbrbdUmaI2V5LyFKdylForb8yNCPxpgagMw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocZuB6_pyCnVlqYd0wtap9CR5l2r8vxpr7NKO6nOB3fJSYDPKY-PrINStzgLy8sRvxq9HBwibteztoqclbsM8OakhTL3NoPVNRXu7DYIyKx6H6lTzBNItlm9RkrDo44IAY9zqovp6-JrnihiAFoxqlqq0_k6gasKIJhkK_mOCvhB-kUM2c-VB9GkrCykohgEqOEQlagoSDrvFm59mlgNKcun-UvtGYfop_QnjdPKbg-jWpuHThGR6yW_8wCJvySEbYlBhM0SL3dyWJ4CmaLN39GO-2hv3pWM6ISANKglVZVUz-bidIwocyViaIGeXlL9L1V4zj0ZtgriKxtFL3HGgc0QUEVzhmWed9bZRcvatlKwdfImO9E-87AUvck1un_eMUhU20C8HWpVSkv2OyYfqusFO4oPAsXVm-aLdrwpg27o-d9PXpv3srmdBI1h_Eazwl7dv7W7YAxlfjKQ48JKH8lgo3UogkEuLq6REIkWByCaw15Lp8Np_GxMi3GeZLfmjsbpKM96Whd9zfAI4zt2Od1aB-Tr1knc2ROQSkTWhhR7PFdPa6B4zZyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlfhCirpY-PxO4abiQb064qoAcme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AfEuFkTNIAzBx9XrycNyswZvXEQGEKz-vxbYp2BWFrqk_smHgLEUe3ukZWMYz5to3CJ14hgPFYvtnAIS6muy6zc7kE_UojT5qioQ02Q1hwGtqs6QrSlas9zw71jyqJnP7sDE9woRKtF0H9yJvryC-cclk3WnhydIxSiL52xTmgaMTrSvXRr6TYwsyJsxxBGCShAPcdh5ElmDVfEt1E0ZA3FvUz6PPnIzHeoHD13PP2YIAGi76M3cCuk9raAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1hALhvOsyXwjFqP7O4Nlxa3t3MDA%26client%3Dca-pub-2481787217439354%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4fddc082f92a3994c8de58ded5f90589a939dbb2f97ed3b02e5f5cf41f7cc253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xU-n8Q3Z7U4r67NeBdDGsgkr0oI1d6VUOIP5xTyW43JZqRUX_m-9lSha__2DsPiUWejpmOct8pFZpzJJNbInTxvAz4QTjhjpuU1TZNTzyPlgV-JkyAg5Gd3fp2xZilbJ8pOJhkiGftHriwAyvIqBGf1Gxx9-kqQeZPu8Z2DHg1D_1ZWE5-0aZHWicdl4nIwb3chRCaaUn5qHqxiXkDxgPxJ86yV4-lN3KVKJjt2PPfVZJMuS8UKw2hi20CU"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 133426596
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C71A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3440890330699800&rc=
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A7A 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:48:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D22 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE4C 783 B
532 B 28ms
27ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c74bf413092070b534400ee1d148db470782d019a283142f598b09b93d998df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TemzlgqnYkhhbUw9cevSEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-TemzlgqnYkhhbUw9cevSEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1B2 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1D5 783 B
536 B 26ms
26ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

277530981cda7ad4b338913a16521b2c44d87614dedfa88c62c99319851ddc66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CbFD_zggT-97x4MX6hi1iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-CbFD_zggT-97x4MX6hi1iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame F698 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddef41a126c776d129c10dea2d39cdbf28462b180ecf858d9dff226d49a449f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B992 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755400&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&lmt=1676225034&rafmt=1&format=970x280&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034711&bpp=7&bdt=199&idt=240&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=522534685&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=689&biw=1600&bih=1200&isw=970&ish=0&ifk=232895196&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31071756%2C31072272%2C31072288%2C44779793&oid=2&pvsid=645908094534508&tmod=116735299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.e9y3lm44tm8n&fsb=1&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B992 18 KB
7 KB 33ms
31ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B992 156 KB
48 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B992 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLTmVCyrpY6vIAa2liQaajrDIB8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBK8BT9AvUKJF2JOBWj4CuPCIJz8RHHuwh-2rLnxbiXhjg8a15Gy4uNcy0o-5AW-MjnA7AdQfbb5wOMvZ5PUYhV7sFAv1LcF_udpFESofTDhEnkDqGBlNQJaCesNKqIY5MTHZcfrZD5DJW9vm5ZCJeVOotVejiNrNtVVjINe25XqSfLua6D0Xtvmglf0AbEk9_Zr9KPOI235j2E9Pk2G8PTZiWoAZs08HNkMz4Gt1Oab4MIAG87iU5Mv6z4f6AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjQ4MTc4NzIxNzQzOTM1NBgA&sigh=bd4nNJsLWaM&uach_m=[UACH]&cid=CAQSGwDUE5ymDJALERj7z3xQJTwT4SYprFbM-UpXQxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755400&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&lmt=1676225034&rafmt=1&format=970x280&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034711&bpp=7&bdt=199&idt=240&shv=r20230207&mjsv=m202302080101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=522534685&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=689&biw=1600&bih=1200&isw=970&ish=0&ifk=232895196&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31071756%2C31072272%2C31072288%2C44779793&oid=2&pvsid=645908094534508&tmod=116735299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.e9y3lm44tm8n&fsb=1&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Feb 2023 18:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame B992 0
0 352ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kK-YFcz6RMoHmAKdg2ICAgAAANWfA5wsbxIbEAoq6WOX4I9A678t2-tH5wASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y-kqCwAAZCsKwlKtAAwHGgVwlz2uYrkz1DzMJQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 234182
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1BE5 119 KB
42 KB 171ms
93ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCwAAZCsKwlKtAAwHGgVwlz2uYrkz1DzMJQ&u=%7CLGGW%2BsZ4wbpefxfgy1A1rn8%2FwgdzWevAf8z7SahP7Sg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANf6ytq6cQxVnh9dES0_04hNaaUtAKgxz4DOK-6QdKLguKeI6vKkVpbxQR-quVPBEIMRqJWAAE7VOn6RwA_qs7bL4UTbbdp3gD7K0uKQ4NyH-ZJWVliKUMMn5-vmobq69qpSNJhrCk_6b-xcRhdXLU5DYOG7bi-USv5S58rrDmjRcUJ0AKy8yXyFLwBpehnZyoDK-8--Sz5b86g8EHko7dJAiU6tY0EGyGnYok6gMaR09ZYvHdEQEBYfryu4xgdfSOE49FB_kKEGt84QjnRKl7_L5AK7krZ7w7mlwRRYuJCFzqQrV5J9VLRkhfw1i0cpG0v4AnVAjKonM749-_nGdRawtxDukn2ZIh3mXmO0Vs4H0zR43z-CQjZ7yCeAK1DnQThMaYMZcU2ArbYM29ZNh2V2nIZyjq_UXKWt1N1-sVEmCUfCByZj34vWLke2Rpi0TRV61NSYBuN6sIrpKK1BVMFTQMzObZnREXvI2HWUUmX0qqJSQh_6oe4A2U74kPlS1g7LAV3jxirUmxMrhndHo6HzBclOWesYtdsISwnOIIk5OTeVLu3OLKUE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyd3qCyrpY6vIAa2liQaajrDIB8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AvUKJF2JOBWj4CuPCIJz8RHHuwh-2rLnxbiXhjg8a15Gy4uNcy0o-5AW-MjnA7AdQfbb5wOMvZ5PUYhV7sFAv1LcF_udpFESofTDhEnkDqGBlNQJaCesNKqIY5MTHZcfrZD5DJW9vm5ZCJeVOotVejiNrNtVVjINe25XqSfLua6D0Xtvmglf1CbmivehVhO0wUz92z5em3mnW2izxMQgKte3KhxPwtzHPwkyLrj3efqoAG87iU5Mv6z4f6AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wunzBVF9w_66UrMmGsVvNOWd2_g%26client%3Dca-pub-2481787217439354%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0486ed69d3cb54a56ebde54c70116f76c8e11c535e0e15331b4b99c75b913703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FoT5TQ3Z7U4r67NeIDBGtBW8W_LenUvzB1R8fbFyikfaO1jlGYqZ7DtqMgMCTT-xl70klgBzTJFZc9zHFdsJ0T9fFjBvtG7DiR343rhT6WUMIZGvMnmUGZZx1Ix_9zfgmyl4-ea3PwxuIOzmlUH64N7G6DLSwRzR9nx9vDOoaZT7mCV9JiGMiqB5ODJiqftOXz62tPEOBwaFngacf1v1tiA4Nww-n3bhPcmtn0XnTYyO3S-Ht9ZT-wl3j17gTecrPplt7w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73081193
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8A86 3 KB
2 KB 86ms
14ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdabE1XUmlaRGt0TWpjd05pMDRNVE5pTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NDIzODQ4MzIwNTM4MDA5MDIvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3TzRPOWcxa0tHWllycVpQdXlNNERiSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTQyMzg0ODMyMDUzODAwOTAyL3pyaC8wLzIyOS83OS85OTkvMzIyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjc2MjI1MDM1LzE2NzYyMzc2MzUvNC9wdWItMjQ4MTc4NzIxNzQzOTM1NC8/fRSK4NpY0EExdJnBZZf-T5Cnl0g&nodeid=3811&group=zrh&auctionid=7542384832053800902&pbs_auctionid=7542384832053800902&shardkey=7542384832053800902&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.0 /
Resource Hash: 76dc3426252df044483944bc2e779e3c5050984db9259c2d766eebea67a48236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:55 GMT
x-mm-nodeid: 3811
Content-Encoding: gzip
x-mm-bid-request-time: 1676225035
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sun, 12 Feb 2023 18:03:55 GMT
Server: MMBD/3.380.0
x-mm-latency: 2 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x38, zrh-bidder-x73
x-mm-lag: 0
Expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 8A86 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 8A86 18 KB
7 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 15:23:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8A86 0
0 22ms
22ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIk-rIUJl57nQbdEXCYclvnmE4mO2OeFw7NhvtsujYINsF-ZIBhy2VAmnC_dBZ6eVJrAd7mGgnfjV7W0IhwsTuELgeUQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A86 156 KB
48 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 18:03:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 331C 13 KB
5 KB 30ms
28ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D87 783 B
531 B 26ms
25ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb9e9ee07b0961e737bdac42f4d39f91621f28ce2ab326f040b0144e358560ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nYDkoea0neoSg1JBhSeASg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 509
content-security-policy: script-src 'report-sample' 'nonce-nYDkoea0neoSg1JBhSeASg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Sun, 12 Feb 2023 18:03:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A86 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFn4wCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoErgFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2IJJUdksbZ2jbI1VkYxYt_OaG5m0aQ1BUcEnkOvuVMxE1Y67dA3OABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI0ODE3ODcyMTc0MzkzNTQYAA&sigh=zB0wKPJas-8&uach_m=[UACH]&cid=CAQSPADUE5ymFO_42U1qOQdGD58GCQuEG2hJQ7WZM-hE3UV2ooQzmaaN93Kl_0oufO_L9rMTEMhbYYwV9Y6VChgB&tpd=AGWhJmsZKm_XxX3ZY-OB8rjxO4J2W0_mD2lbxE9K_fPuh0mqJ3fu1oCB0sDoXqaN2_t5uBai7vcA-YKvAlAOtMqfoYZpj1kIzBW_OaZA0KU5OknpGza4lkTAvAVpR5KECXV7DUPcJDkIDj0qn2Rfz330mbbJV3D5hmpitcgb0wDyzTm3JjzC_4rmbnteof6fdbmmKWJgHewWDKoHyqQUzN2asNcE4R9JxkHzZnLXJUJykJGGk4C7KOryWMTu4z4ohmYoiQeokHImZyKHW8XDvKdvs_r5-TxFgXi-ilKDbzWTwHr9672WahRnJD1NhtqpUojbJmOzfgaFgMMCadbfqC6wqApCL3jm5JyHSKt6e-8wa54RoMJAjngQN6ICc89CHJb_DZUnSi6I3eTNpFynt50OZSqpb-UE-BYSK45TErYzIaR6GI6KRsV6cU_LZaaPLCNnDFBZry81yAUxI50953d5hJTQDzI0ka5Jp09nqHMBYu0nKQt3OSToIJJoXrAJ8Bcl-aExXMKkAzAqWtxgo6lgTjl4sc3v9KD8sHh9UfXshrIOcqZSMIG0_bVDayKBzCnIHDJIaUpf2TdT7VMxErW9bwNbEY5h856SC4Kwk1vlhKR_z1jek3Sgem6lVpXkYMqOS7bj0B358e0UDtonRUdn6k8Cg1_WGXO4HVt331Fr-fjsqdJtR6pzfuzvLgygMKR80MsmaK_LuYdmpVmWwXL44WuB9_7i3tvVFur2XZtXSxrqQ_esHMlZoIQHijzFmCLsoveGmRQJGzObAhR6ogrqy4VDd3f4xz3kgdoNFuhL3by3ujZj_EFQyskXgDwpvoomCQCbIdsVtqGHNHxkJq1YN6qI1Tl_WcdkSFRafDvWXS9ycuIuPvV9dowkwlYWwYgIydq_lbdXAtZ6x7WjF85vcPQJKbN-m_41Sv4PKQRasn2s4cl1_jzqjbkI9iyzqgmMGSEDl5LH1ncbHVMxGKZRy0RM0R4LBdMP54sLiesBQzn5xbhPX9kYRQ3JcaE6TMvGPQkJN1e_FJKstG-W6AccZcI-CVdF21In4hP8z6AEbi99-U07lYwmwsDQIdEE60TgGsofGHDhDHj6GfG08p8q7_YXgK4Q18wx1SCbFfwr4JU6O7wCaKDg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Feb 2023 18:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE4C 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=1592943485690680&rc=
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1D5 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=645908094534508&rc=
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B992 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c047dfa9953d95dccd8475fb52b8c5f80b93042b01408c0f941231fe0aa24667

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D22 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:48:19 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame E1B2 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:48:19 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 8A86 10 KB
3 KB 79ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=7542384832053800902&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6459caed1e4d404efd9914cb9d605afadcc90ad103c37854bb0ddd13c08b20c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3304
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8A86 49 B
329 B 41ms
14ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7542384832053800902&node_id=3811&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdabE1XUmlaRGt0TWpjd05pMDRNVE5pTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NDIzODQ4MzIwNTM4MDA5MDIvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3TzRPOWcxa0tHWllycVpQdXlNNERiSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTQyMzg0ODMyMDUzODAwOTAyL3pyaC8wLzIyOS83OS85OTkvMzIyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjc2MjI1MDM1LzE2NzYyMzc2MzUvNC9wdWItMjQ4MTc4NzIxNzQzOTM1NC8/fRSK4NpY0EExdJnBZZf-T5Cnl0g&nodeid=3811&group=zrh&auctionid=7542384832053800902&pbs_auctionid=7542384832053800902&shardkey=7542384832053800902&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:55 GMT
Server: MMBD/3.380.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, zrh-bidder-x73
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8A86 43 B
404 B 111ms
39ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7542384832053800902&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdabE1XUmlaRGt0TWpjd05pMDRNVE5pTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NDIzODQ4MzIwNTM4MDA5MDIvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3TzRPOWcxa0tHWllycVpQdXlNNERiSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTQyMzg0ODMyMDUzODAwOTAyL3pyaC8wLzIyOS83OS85OTkvMzIyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjc2MjI1MDM1LzE2NzYyMzc2MzUvNC9wdWItMjQ4MTc4NzIxNzQzOTM1NC8/fRSK4NpY0EExdJnBZZf-T5Cnl0g&nodeid=3811&group=zrh&auctionid=7542384832053800902&pbs_auctionid=7542384832053800902&shardkey=7542384832053800902&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 457 2362390 master zrh-pixel-x11 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:55 GMT
Server: MT3 457 2362390 master zrh-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8A86 49 B
329 B 39ms
12ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7542384832053800902&st=4562306&time=1676225035&nodeid=3811
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdabE1XUmlaRGt0TWpjd05pMDRNVE5pTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NDIzODQ4MzIwNTM4MDA5MDIvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3TzRPOWcxa0tHWllycVpQdXlNNERiSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTQyMzg0ODMyMDUzODAwOTAyL3pyaC8wLzIyOS83OS85OTkvMzIyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjc2MjI1MDM1LzE2NzYyMzc2MzUvNC9wdWItMjQ4MTc4NzIxNzQzOTM1NC8/fRSK4NpY0EExdJnBZZf-T5Cnl0g&nodeid=3811&group=zrh&auctionid=7542384832053800902&pbs_auctionid=7542384832053800902&shardkey=7542384832053800902&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:55 GMT
Server: MMBD/3.380.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x83, zrh-bidder-x73
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 12 Feb 2023 18:03:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D87 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3592967760079115&rc=
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 331C 36 KB
14 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:48:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A7A 0
10 B 32ms
30ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bHC6LQ
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1BE5 2 KB
1 KB 69ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCwAAZCsKwlKtAAwHGgVwlz2uYrkz1DzMJQ&u=%7CLGGW%2BsZ4wbpefxfgy1A1rn8%2FwgdzWevAf8z7SahP7Sg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANf6ytq6cQxVnh9dES0_04hNaaUtAKgxz4DOK-6QdKLguKeI6vKkVpbxQR-quVPBEIMRqJWAAE7VOn6RwA_qs7bL4UTbbdp3gD7K0uKQ4NyH-ZJWVliKUMMn5-vmobq69qpSNJhrCk_6b-xcRhdXLU5DYOG7bi-USv5S58rrDmjRcUJ0AKy8yXyFLwBpehnZyoDK-8--Sz5b86g8EHko7dJAiU6tY0EGyGnYok6gMaR09ZYvHdEQEBYfryu4xgdfSOE49FB_kKEGt84QjnRKl7_L5AK7krZ7w7mlwRRYuJCFzqQrV5J9VLRkhfw1i0cpG0v4AnVAjKonM749-_nGdRawtxDukn2ZIh3mXmO0Vs4H0zR43z-CQjZ7yCeAK1DnQThMaYMZcU2ArbYM29ZNh2V2nIZyjq_UXKWt1N1-sVEmCUfCByZj34vWLke2Rpi0TRV61NSYBuN6sIrpKK1BVMFTQMzObZnREXvI2HWUUmX0qqJSQh_6oe4A2U74kPlS1g7LAV3jxirUmxMrhndHo6HzBclOWesYtdsISwnOIIk5OTeVLu3OLKUE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyd3qCyrpY6vIAa2liQaajrDIB8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AvUKJF2JOBWj4CuPCIJz8RHHuwh-2rLnxbiXhjg8a15Gy4uNcy0o-5AW-MjnA7AdQfbb5wOMvZ5PUYhV7sFAv1LcF_udpFESofTDhEnkDqGBlNQJaCesNKqIY5MTHZcfrZD5DJW9vm5ZCJeVOotVejiNrNtVVjINe25XqSfLua6D0Xtvmglf1CbmivehVhO0wUz92z5em3mnW2izxMQgKte3KhxPwtzHPwkyLrj3efqoAG87iU5Mv6z4f6AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wunzBVF9w_66UrMmGsVvNOWd2_g%26client%3Dca-pub-2481787217439354%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1BE5 2 KB
1 KB 70ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1BE5 308 B
637 B 58ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1BE5 293 B
621 B 60ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1BE5 43 B
348 B 74ms
21ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=E6Xbh_wtdzvRIeZ9MvaJ2CQ7WisOnaQ1cnzRRpHNcEV9ubfNaglEkVnXxpA95-LHiyLLwDz5fDDRVOA3FlCvoLBVqGTHeORsvW2plFhtMxESMOssZEHiRUxoRw-1TLZVaGyellDgtUzBcZ3KJw6uJH7xZI295fOXqI1ItYGSDAIOBxl39Tw0TOET_TjSCZqZhgVhkdOdmCLx76qWrHWhhtImyxL0MKWZ4yRo3DGpH82FI7rkpDdsT59EWMHVrJ1Ab8XR07DbfaAd83ngIY-XODUeZH7_9RetuyAGuwAa-8x4GGqmQn54mt1b2_YZKz-VUJk_CFldDcgKta1oUJKDt3f6qt8TIVhF4wHmWGFo2Ct-NflDPF6do-64rjlj6m_HgTkaMorFTlciAoqffIY5mRuyq2FcXl2fFsABf3JaMQFzb_ec

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3106868
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame 1BE5
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=2023021219035510879533057&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=

43 B
989 B

21ms
21ms

Image
image/gif

35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=2023021219035510879533057&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCwAAZCsKwlKtAAwHGgVwlz2uYrkz1DzMJQ&u=%7CLGGW%2BsZ4wbpefxfgy1A1rn8%2FwgdzWevAf8z7SahP7Sg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANf6ytq6cQxVnh9dES0_04hNaaUtAKgxz4DOK-6QdKLguKeI6vKkVpbxQR-quVPBEIMRqJWAAE7VOn6RwA_qs7bL4UTbbdp3gD7K0uKQ4NyH-ZJWVliKUMMn5-vmobq69qpSNJhrCk_6b-xcRhdXLU5DYOG7bi-USv5S58rrDmjRcUJ0AKy8yXyFLwBpehnZyoDK-8--Sz5b86g8EHko7dJAiU6tY0EGyGnYok6gMaR09ZYvHdEQEBYfryu4xgdfSOE49FB_kKEGt84QjnRKl7_L5AK7krZ7w7mlwRRYuJCFzqQrV5J9VLRkhfw1i0cpG0v4AnVAjKonM749-_nGdRawtxDukn2ZIh3mXmO0Vs4H0zR43z-CQjZ7yCeAK1DnQThMaYMZcU2ArbYM29ZNh2V2nIZyjq_UXKWt1N1-sVEmCUfCByZj34vWLke2Rpi0TRV61NSYBuN6sIrpKK1BVMFTQMzObZnREXvI2HWUUmX0qqJSQh_6oe4A2U74kPlS1g7LAV3jxirUmxMrhndHo6HzBclOWesYtdsISwnOIIk5OTeVLu3OLKUE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyd3qCyrpY6vIAa2liQaajrDIB8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AvUKJF2JOBWj4CuPCIJz8RHHuwh-2rLnxbiXhjg8a15Gy4uNcy0o-5AW-MjnA7AdQfbb5wOMvZ5PUYhV7sFAv1LcF_udpFESofTDhEnkDqGBlNQJaCesNKqIY5MTHZcfrZD5DJW9vm5ZCJeVOotVejiNrNtVVjINe25XqSfLua6D0Xtvmglf1CbmivehVhO0wUz92z5em3mnW2izxMQgKte3KhxPwtzHPwkyLrj3efqoAG87iU5Mv6z4f6AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wunzBVF9w_66UrMmGsVvNOWd2_g%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: private
Date: Sun, 12 Feb 2023 18:03:55 GMT
Content-Encoding: gzip
Server: web
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Expires: Sat, 13 May 23 19:03:55 +0200

Redirect headers

Pragma: private
Date: Sun, 12 Feb 2023 18:03:55 GMT
Server: web
Transfer-Encoding: chunked
Content-Type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=2023021219035510879533057&tcs=3504&rand=63e92a0ae0ed4af47d7660eadaec0149&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Expires: Sat, 13 May 23 19:03:55 +0200

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1BE5 12 KB
5 KB 36ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 259469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIFzw3NAcEhG40hjrl9HiIH9wak35BL5DtEZjgoXEdYOB28fk8EwrLZt3Mm5tuBpMkTKt7DCHAB8Mz%2F5P%2BROXEGVj0OiqZcQx2K1vSbDm%2F9D1VhbnF892ThJJv94rwAcHWyMOf8ec9%2BiftMndBJkp1GC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79873e683fe09b83-FRA
expires: Fri, 02 Feb 2024 18:03:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1BE5 12 KB
6 KB 66ms
63ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1BE5 3 KB
3 KB 104ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=35288&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F35146%2F190426%2F40f3df68d2e84269b53096a8b46958ea_logo_n_vertical.jpg&v=3&w=452&s=BgBrl2irAymo2hNRaZMCmmdj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e5b947215501ffb292d5b85ad9c976f687f2e3cd8af7fcc1b8574276e9625b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29939061
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2600
expires: Thu, 25 Jan 2024 06:28:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1BE5 4 KB
4 KB 104ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fdf%2FP00712048.jpg&v=3&w=400&s=LD6xXIaED3CzuhZPCs0zyOFR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e6a407dc18a07c29b1844cafc753c0f98f6f44da75eaa30b7ef106280a5187fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=16472
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3942
expires: Sun, 12 Feb 2023 22:38:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1BE5 8 KB
8 KB 114ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fc0%2FP00727553.jpg&v=3&w=400&s=LsCh6Sj1MqjIzm-ospJZTk1p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

01bcd7a112aebb95ac0c244360c89d2e23f9517e40c890bfb26e72883e919992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=34636
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7868
expires: Mon, 13 Feb 2023 03:41:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1BE5 10 KB
10 KB 119ms
31ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fce%2FP00714876.jpg&v=3&w=400&s=lKlbJfUXTCNfnTLd4La7KrpV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4ba8103810190351d8e8a449e03d0e5a479c65a51066a26e8fbdbce77dce91ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4896
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10474
expires: Sun, 12 Feb 2023 19:25:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1BE5 22 KB
22 KB 127ms
39ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F3f%2FP00688502.jpg&v=3&w=400&s=Jugt6WnRkTYsk7mFM8fQTHvk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

27c282d8bf0c2b50371403ed5fc0002023719ac41f4ecd8688e610801a6e97a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4679
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22266
expires: Sun, 12 Feb 2023 19:21:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1BE5 0
128 B 59ms
14ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=FoT5TQ3Z7U4r67NeIDBGtBW8W_LenUvzB1R8fbFyikfaO1jlGYqZ7DtqMgMCTT-xl70klgBzTJFZc9zHFdsJ0T9fFjBvtG7DiR343rhT6WUMIZGvMnmUGZZx1Ix_9zfgmyl4-ea3PwxuIOzmlUH64N7G6DLSwRzR9nx9vDOoaZT7mCV9JiGMiqB5ODJiqftOXz62tPEOBwaFngacf1v1tiA4Nww-n3bhPcmtn0XnTYyO3S-Ht9ZT-wl3j17gTecrPplt7w&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1BE5 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1BE5 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 98BC 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-kqCgAO-OMKwk2GAAK19Mq9Po7TjqT1FAGkfQ&u=%7CLGGW%2BsZ4wbrbdUmaI2V5LyFKdylForb8yNCPxpgagMw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocZuB6_pyCnVlqYd0wtap9CR5l2r8vxpr7NKO6nOB3fJSYDPKY-PrINStzgLy8sRvxq9HBwibteztoqclbsM8OakhTL3NoPVNRXu7DYIyKx6H6lTzBNItlm9RkrDo44IAY9zqovp6-JrnihiAFoxqlqq0_k6gasKIJhkK_mOCvhB-kUM2c-VB9GkrCykohgEqOEQlagoSDrvFm59mlgNKcun-UvtGYfop_QnjdPKbg-jWpuHThGR6yW_8wCJvySEbYlBhM0SL3dyWJ4CmaLN39GO-2hv3pWM6ISANKglVZVUz-bidIwocyViaIGeXlL9L1V4zj0ZtgriKxtFL3HGgc0QUEVzhmWed9bZRcvatlKwdfImO9E-87AUvck1un_eMUhU20C8HWpVSkv2OyYfqusFO4oPAsXVm-aLdrwpg27o-d9PXpv3srmdBI1h_Eazwl7dv7W7YAxlfjKQ48JKH8lgo3UogkEuLq6REIkWByCaw15Lp8Np_GxMi3GeZLfmjsbpKM96Whd9zfAI4zt2Od1aB-Tr1knc2ROQSkTWhhR7PFdPa6B4zZyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMlfhCirpY-PxO4abiQb064qoAcme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCakCn_vxDvLpsT6oAwGqBLIBT9AfEuFkTNIAzBx9XrycNyswZvXEQGEKz-vxbYp2BWFrqk_smHgLEUe3ukZWMYz5to3CJ14hgPFYvtnAIS6muy6zc7kE_UojT5qioQ02Q1hwGtqs6QrSlas9zw71jyqJnP7sDE9woRKtF0H9yJvryC-cclk3WnhydIxSiL52xTmgaMTrSvXRr6TYwsyJsxxBGCShAPcdh5ElmDVfEt1E0ZA3FvUz6PPnIzHeoHD13PP2YIAGi76M3cCuk9raAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1hALhvOsyXwjFqP7O4Nlxa3t3MDA%26client%3Dca-pub-2481787217439354%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 98BC 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 98BC 308 B
636 B 62ms
60ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 98BC 293 B
621 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 98BC 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=gWQKeqeV-o0Hle63dupJ2Km4Ua95SQhchpbZzICKci6wXNn5UR46uRbM00GWZ3G2hXeDW32LmuWFRzdbH9DgYUfhDAj_hmayg2j-9svwabQ6I8QFas8SwvHyjtbi0TMVo-AQ_KqIvywEILeVzB_kCf7EAyxsK04WrDzrhStHE1dyvxaSWSFsVVj2sVJ717Eh7OCeTmyPTVgYIhaA_b7JHt93PU-tR4YKe4_7LUzcyPGHSrIQcnyAIPz0Q1l2N9QU1KsmRQTiCgLWa7UVyMfb8PBDMoMcx8gH4vO1pk6uyalubxFaGrfRdeRwXQCJJB8TqCi6XhhiAdHET5zG-To9XA8TL9nxWj5qwryPZKvGEpsvq3uJB-hdmi0XArhguj7XfDi3nSqY_qtWCdHPxWqRygVdHvtvmcEQGMK7WuDRK6JKs_z7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2928836
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal900017.redintelligence.net/ Frame 8A86 3 KB
2 KB 179ms
120ms Script
application/x-javascript 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0628944d0e&subid=&uid=7f5f82d6e12d2b75&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2481787217439354%26output%3Dhtml%26h%3D90%26slotname%3D2458072068%26adk%3D2750932062%26adf%3D3279755398%26pi%3Dt.ma~as.2458072068%26w%3D728%26lmt%3D1676225035%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fmy.germany.ru%252F1356479%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676225034733%26bpp%3D5%26bdt%3D251%26idt%3D297%26shv%3Dr20230207%26mjsv%3Dm202302060101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Da0c2c402c8cb1fbd-225c15028bdc0063%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ%26gpic%3DUID%253D00000bb503269a6a%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw%26correlator%3D616708576777%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2002525937.1676225034%26ga_sid%3D1676225035%26ga_hid%3D2143776794%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D58%26biw%3D1600%26bih%3D1200%26isw%3D0%26ish%3D0%26ifk%3D3625558336%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44773810%252C31072288%26oid%3D2%26pvsid%3D3592967760079115%26tmod%3D826852182%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D260%26bc%3D31%26ifi%3D1%26uci%3D1.9xc328x70tr%26fsb%3D1%26dtd%3D316&ancestorOrigins=null&random=1135940840729&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=7542384832053800902&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 275a69ee1a5974eb99fb056eceff7b84bcf13d7bac9588e5080bc62a790f9779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Feb 2023 18:03:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25929400118688500951389012233017
Connection: close
Content-Length: 1092
Expires: Sun, 12 Feb 2023 18:03:55 +0100

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame 1BE5 16 KB
16 KB 53ms
26ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 98BC 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 259469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgSnEM%2F60qXvyqvTzdEG%2BPTmcWGYAbEWbkPRA%2BJjLWkL%2FU%2F0TQB1TU%2FaJPcCR4D5I9tUhD%2BwOY2ImwW%2BTdr%2FAE6Hk0n5f071%2BsXOibpHjDvHQpWPqcrBVyIxVfuTTTHirAhvh%2FDmQNln6mPXOIEYoXF6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79873e696a189b83-FRA
expires: Fri, 02 Feb 2024 18:03:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 98BC 12 KB
6 KB 18ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame 98BC 56 KB
56 KB 46ms
46ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-dec4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 7e8aad33febb4921b3e1204c9924fd57_casanspro_bold.woff
static.criteo.net/design/dt/ Frame 98BC 56 KB
56 KB 32ms
30ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/7e8aad33febb4921b3e1204c9924fd57_casanspro_bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

069ac261a5bec6cac5978302a18ae038b0e052511723603810566a6d5213a6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-df40"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 5a9414d7032845298cf142efb83ff42a_cpn_300x600_1.gif
static.criteo.net/design/dt/942/221223/ Frame 98BC 91 KB
92 KB 28ms
24ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/942/221223/5a9414d7032845298cf142efb83ff42a_cpn_300x600_1.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

490fa1eba6da36b04ea4dc2c1192e9870fb7c73a63f1c3126d8e10ff40417a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 23 Dec 2022 13:09:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a5a87b-16cdd"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 93405
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 8 KB
8 KB 62ms
59ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F942%2F221114%2F3e662a3152a94345aa90f59c068fa0bd_c-a_logo_black.png&v=3&w=596&s=YnL7trDEu5Ve2RoJWi1HabmK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

896e5e481f11aca94ea033a17b81dcc44af0c5ce19fe4c459d5503638312366b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28635236
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7830
expires: Wed, 10 Jan 2024 04:17:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 26 KB
27 KB 21ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1674289747%2F2167843-1-08.jpg&v=3&w=800&s=xGSGuHOz5iIQLTNOhWlzm3L8&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

47f91d432682570e31c146ac504f5bb13441bb8d244685709f466051fb0be81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29966757
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27024
expires: Thu, 25 Jan 2024 14:09:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 26 KB
26 KB 60ms
57ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1664356051%2F2177698-2-01.jpg&v=3&w=800&s=yPEoS17pdqCTStRmGcDkalzi&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d1f4dc1b9e68fc6db831a17f9c2eb67175c36bec79cd4d29ec4eb7ab61840a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31089922
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26358
expires: Wed, 07 Feb 2024 14:09:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 17 KB
17 KB 24ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1676033071%2F2167843-2-01.jpg&v=3&w=800&s=nMxOvFe0dfXLEXrjL2LVeL7d&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c666026184af1594f499ab1608df2f7640ec128c65ceb4575fe1e917a80685d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31480402
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17620
expires: Mon, 12 Feb 2024 02:37:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 28 KB
28 KB 28ms
26ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1664356052%2F2177698-4-01.jpg&v=3&w=800&s=QjBQmrz6flOW6Qrwd4Z-gYc7&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

345359057bdcfc5cdbb74bf6002a339f5a6df9632e78d8dd32383fa351c8a81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31089141
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28446
expires: Wed, 07 Feb 2024 13:56:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 28 KB
28 KB 37ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1676036654%2F2167843-4-01.jpg&v=3&w=800&s=EZhIXvjHeN3WW-aXSlML0_TM&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

abb6937342832a254ee8f50572c1311bb5c509dc9326193d7a030e339d2d2c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31477305
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28486
expires: Mon, 12 Feb 2024 01:45:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 14 KB
14 KB 34ms
32ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1660300647%2F2179400-1-01.jpg&v=3&w=800&s=LdaFz1T1x47nsaMYCMNfwX1o&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

522451fd75cf09c6212095e4f1c197c4bbba37e475af48c1565dd8fd0ac711bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31424623
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14104
expires: Sun, 11 Feb 2024 11:07:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 49 KB
49 KB 43ms
41ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1662468718%2F2179367-4-01.jpg&v=3&w=800&s=V9QyIN0LMc1gguDva27-k6ii&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5fc22c4e8568dbceadaffcd69e8fefccef154165ed4dcbbea63f34e7c9b2e17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28775198
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 50366
expires: Thu, 11 Jan 2024 19:10:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 14 KB
14 KB 44ms
42ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1664874796%2F2178662-3-01.jpg&v=3&w=800&s=Yr4E9wWjx90_wAMRIELRrCWM&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1ccc98018fd6355ad8a4354ecd1ad556fb9551f4868f3318238d80ac2ad5284a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28775178
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14238
expires: Thu, 11 Jan 2024 19:10:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 57 KB
57 KB 38ms
36ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1665479820%2F2187309-1-01.jpg&v=3&w=800&s=BcxaM7-ldux40OfIi5-xadUY&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ff392030680f7164f94364c8d5ce16468cf87fd0e83f2fa0ffe7e22ded44ca86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28775139
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 58304
expires: Thu, 11 Jan 2024 19:09:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 14 KB
14 KB 52ms
50ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1674210553%2F2194340-1-01.jpg&v=3&w=800&s=0PRbfqApgqcLNsXrtGvYkFP0&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

24beede3646ee0eedae211cf0fea2535b4e454ae9b57f0c39609cde46d663adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31011628
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14498
expires: Tue, 06 Feb 2024 16:24:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 15 KB
15 KB 45ms
43ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1674462674%2F2188646-2-01.jpg&v=3&w=800&s=mZdi-SwS7SH4FuGkyARz6ncM&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8a1942009e5cf6587f01f8c22680fa8d8a87ccdd2128bc3f1e94776780d2cebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29985578
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15212
expires: Thu, 25 Jan 2024 19:23:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98BC 32 KB
33 KB 53ms
52ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1673508257%2F2189474-2-01.jpg&v=3&w=800&s=_4Yy0RHVEId6OpMToQQNnzct&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ea25c8cdeb8cc992455c1dadb6b83753ab3c752d534821aef44bb32e45d17a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30937022
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33254
expires: Mon, 05 Feb 2024 19:40:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 98BC 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=xU-n8Q3Z7U4r67NeBdDGsgkr0oI1d6VUOIP5xTyW43JZqRUX_m-9lSha__2DsPiUWejpmOct8pFZpzJJNbInTxvAz4QTjhjpuU1TZNTzyPlgV-JkyAg5Gd3fp2xZilbJ8pOJhkiGftHriwAyvIqBGf1Gxx9-kqQeZPu8Z2DHg1D_1ZWE5-0aZHWicdl4nIwb3chRCaaUn5qHqxiXkDxgPxJ86yV4-lN3KVKJjt2PPfVZJMuS8UKw2hi20CU&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 98BC 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 98BC 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:03:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D22 0
10 B 29ms
28ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c8VI_Q
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 11EE
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25929400118688500951389012233017&actionid=981741&produktid=&dt_url=

0
629 B

95ms
36ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25929400118688500951389012233017&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0628944d0e&subid=&uid=7f5f82d6e12d2b75&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2481787217439354%26output%3Dhtml%26h%3D90%26slotname%3D2458072068%26adk%3D2750932062%26adf%3D3279755398%26pi%3Dt.ma~as.2458072068%26w%3D728%26lmt%3D1676225035%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fmy.germany.ru%252F1356479%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676225034733%26bpp%3D5%26bdt%3D251%26idt%3D297%26shv%3Dr20230207%26mjsv%3Dm202302060101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Da0c2c402c8cb1fbd-225c15028bdc0063%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ%26gpic%3DUID%253D00000bb503269a6a%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw%26correlator%3D616708576777%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2002525937.1676225034%26ga_sid%3D1676225035%26ga_hid%3D2143776794%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D58%26biw%3D1600%26bih%3D1200%26isw%3D0%26ish%3D0%26ifk%3D3625558336%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44773810%252C31072288%26oid%3D2%26pvsid%3D3592967760079115%26tmod%3D826852182%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D260%26bc%3D31%26ifi%3D1%26uci%3D1.9xc328x70tr%26fsb%3D1%26dtd%3D316&ancestorOrigins=null&random=1135940840729&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 12 Feb 2023 18:03:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 12 Feb 2023 07:03:55 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 12 Feb 2023 18:03:56 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25929400118688500951389012233017&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B2A2D18E:AC74_91EFC182:01BB_63E92A0B_1AFFF7AB:11271

GET
H2 200 / Show response
adv.office-partner.de/ Frame 9B81 930 B
931 B 127ms
17ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0628944d0e&subid=&uid=7f5f82d6e12d2b75&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2481787217439354%26output%3Dhtml%26h%3D90%26slotname%3D2458072068%26adk%3D2750932062%26adf%3D3279755398%26pi%3Dt.ma~as.2458072068%26w%3D728%26lmt%3D1676225035%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fmy.germany.ru%252F1356479%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676225034733%26bpp%3D5%26bdt%3D251%26idt%3D297%26shv%3Dr20230207%26mjsv%3Dm202302060101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Da0c2c402c8cb1fbd-225c15028bdc0063%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ%26gpic%3DUID%253D00000bb503269a6a%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw%26correlator%3D616708576777%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2002525937.1676225034%26ga_sid%3D1676225035%26ga_hid%3D2143776794%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D58%26biw%3D1600%26bih%3D1200%26isw%3D0%26ish%3D0%26ifk%3D3625558336%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44773810%252C31072288%26oid%3D2%26pvsid%3D3592967760079115%26tmod%3D826852182%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D260%26bc%3D31%26ifi%3D1%26uci%3D1.9xc328x70tr%26fsb%3D1%26dtd%3D316&ancestorOrigins=null&random=1135940840729&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 12 Feb 2023 18:03:55 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 19 Feb 2023 18:03:55 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

htlp Show response
futalis.de/ Frame 01A8
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=25929400118688500951389012233017&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815

350 B
401 B

94ms
13ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0628944d0e&subid=&uid=7f5f82d6e12d2b75&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2481787217439354%26output%3Dhtml%26h%3D90%26slotname%3D2458072068%26adk%3D2750932062%26adf%3D3279755398%26pi%3Dt.ma~as.2458072068%26w%3D728%26lmt%3D1676225035%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fmy.germany.ru%252F1356479%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676225034733%26bpp%3D5%26bdt%3D251%26idt%3D297%26shv%3Dr20230207%26mjsv%3Dm202302060101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Da0c2c402c8cb1fbd-225c15028bdc0063%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ%26gpic%3DUID%253D00000bb503269a6a%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw%26correlator%3D616708576777%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2002525937.1676225034%26ga_sid%3D1676225035%26ga_hid%3D2143776794%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D58%26biw%3D1600%26bih%3D1200%26isw%3D0%26ish%3D0%26ifk%3D3625558336%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44773810%252C31072288%26oid%3D2%26pvsid%3D3592967760079115%26tmod%3D826852182%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D260%26bc%3D31%26ifi%3D1%26uci%3D1.9xc328x70tr%26fsb%3D1%26dtd%3D316&ancestorOrigins=null&random=1135940840729&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 12 Feb 2023 18:03:55 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8A86 2 KB
2 KB 181ms
76ms Script
text/html 13.42.68.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=25929400118688500951389012233017&nw=1
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.68.116 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 8f7ce50876bcdc5c3d6ed2693e7e493a00b43392976b07db4b62ea64b8240805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:56 GMT
last-modified: Sun, 12 Feb 2023 18:03:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 12 Feb 2023 18:04:55 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 90F5 7 KB
2 KB 37ms
12ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0628944d0e&subid=&uid=7f5f82d6e12d2b75&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DGsKq-FKvwM0Kdn3gvuBy9A%26exch_seat%3D20035004448%26mt_aid%3D7542384832053800902%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_cid%3Dfd5263e9-2a0b-4c01-8da2-19ea7d6c670f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC5_xyCyrpY5TNBpK-ZuGYvPgHz4eOm1zAhtmCxgLAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NMgBCagDAaoEsQFP0DMHd9UxkveM-3t8yPWhHkJKZOXBanSP_10-glNuEkAjgt9U40fZOE8NQo9mTwjUKj1HamyihriT95twyaVU9zpA0GvdKeuWeh2jU-uLzhv-LvYyMqHQqx3-i3NJDZZcjwlMCpd1y81BOFOaXxmpi3WkPdm8QvOPflm93tbM4P8sB6E4CBy2YpB15Oenw29Whx3Pu1aCDPuS7NEQbUi1zYmklQE0LT0tzTdhBP5c51aABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1OZ6BAqaf_HBdR43KkoJdLN7TUbQ%2526client%253Dca-pub-2481787217439354%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2481787217439354%26output%3Dhtml%26h%3D90%26slotname%3D2458072068%26adk%3D2750932062%26adf%3D3279755398%26pi%3Dt.ma~as.2458072068%26w%3D728%26lmt%3D1676225035%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fmy.germany.ru%252F1356479%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676225034733%26bpp%3D5%26bdt%3D251%26idt%3D297%26shv%3Dr20230207%26mjsv%3Dm202302060101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Da0c2c402c8cb1fbd-225c15028bdc0063%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ%26gpic%3DUID%253D00000bb503269a6a%253AT%253D1676225034%253ART%253D1676225034%253AS%253DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw%26correlator%3D616708576777%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D2002525937.1676225034%26ga_sid%3D1676225035%26ga_hid%3D2143776794%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D58%26biw%3D1600%26bih%3D1200%26isw%3D0%26ish%3D0%26ifk%3D3625558336%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44773810%252C31072288%26oid%3D2%26pvsid%3D3592967760079115%26tmod%3D826852182%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D260%26bc%3D31%26ifi%3D1%26uci%3D1.9xc328x70tr%26fsb%3D1%26dtd%3D316&ancestorOrigins=null&random=1135940840729&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e60afaff5ca418d54e55f309e91e509093ac8e1840a173013b1dea4f616a5ac3

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2060
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Feb 2023 18:03:55 GMT
Expires: Sun, 12 Feb 2023 18:03:55 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 8A86
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25929400118688500951389012233017
https://ad-server.eu/wm/pb/native.png

68 B
312 B

225ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:06:44 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 12 Feb 2023 18:03:56 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D18E:AC74_91EFC182:01BB_63E92A0C_1AFFF7BF:11271
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E1B2 0
10 B 30ms
30ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ME5ZEw
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 334A 1 KB
643 B 15ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Mon, 13 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8A86 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b55a48fa0db13c7bf8d1232280b3fe19895cb0b6ef58a9b5e77eaad53fc7d6b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 90F5 1 KB
515 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Feb 2023 18:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Feb 2023 17:48:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Feb 2023 18:03:56 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 90F5 9 KB
9 KB 39ms
16ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: c4d662721a6b8a97635c701ce6ed96517836e1ccf93df52554ced95a7f142770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9364
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 90F5 9 KB
9 KB 42ms
12ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d1f1af70e42ce7d9ff7c08555781c2b3da8feff3d8e5b7c6f5d0b38a19b7f730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9286
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 90F5 7 KB
8 KB 42ms
13ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: caf03fbfdb340f4699d25c24246b23159946c9c228ae726b9c7556ad8de501a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7648
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 331C 0
10 B 33ms
31ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JFS-Wg
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9B81 103 KB
40 KB 27ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b63735925efc2153f68cfdee6f846fd6d0277a5925639180fb72686ea92302cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 40730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Feb 2023 18:03:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEL2yJ14nv0304BVmRfCgn-c&google_cver=1&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RVQnWqzcIHuiUv9
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8ADC7F90E83F4EE7B49CB97693D39E5B&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RV...

170 B
232 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8ADC7F90E83F4EE7B49CB97693D39E5B&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RVQnWqzcIHuiUv9

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 12 Feb 2023 18:03:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8ADC7F90E83F4EE7B49CB97693D39E5B&google_push=Aa02lx9aZOl0H0Aarfc-S5qRC6UIgz2QkgD37VMZ6CVoqinMdhM5v9LDEqWeQDI5U31oi-gl5sY8xRK3ulRh_RVQnWqzcIHuiUv9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 11 Feb 2023 18:03:56 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 334A 0
191 B 96ms
14ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPiX3MFhda0U8wqtSfWNp9Y&google_cver=1&google_push=Aa02lx_WCvpwc-3QdcMkXx7eBBFMnDrjRr7bcVru-iyMz37PvJCEIXANyMtumgdUlTQegGkpUTYC0nwHgLlIKr2o7xQuiTaig5FuJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 12 Feb 2023 18:03:55 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEPRbj9q9bEZyNdUi-SJDObg&google_cver=1&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPRbj9q9bEZyNdUi-SJDObg&google_cver=1&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8dPjkR7qQcpYGB2nNZmzAvPjBzBUgPglxMgqC9Jg-0w_fNDMKtIsw-Ibhnw0aUWF3PiPOkFfjxo0mOogdxRLXCe3A2uGYD
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAHToMyYR2CV4adHxHl1-XA&google_cver=1&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBp...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBpnTfkbp2VYK0S

170 B
329 B

26ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBpnTfkbp2VYK0S

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 12 Feb 2023 18:03:56 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx96CnWkgnT0LXXlLt1ENg6sBvALmkfpEPUNDBDlWqm0gSSpp_dkULCV8vv9p_7RIG9hIns705jnNR42DMBpnTfkbp2VYK0S
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: gUISO43Ul0fEHcV3bTbgoYMGbLq3FlFVQwFU3U6rFStY0bNa7Hkndw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENIf6NA5f5FqJhGMFLgtuPY&google_cver=1&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUw...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENIf6NA5f5FqJhGMFLgtuPY&google_cver=1&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgG...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hvW_otKaT7OfJiWdld02vw&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXg...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hvW_otKaT7OfJiWdld02vw&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUwTDwz1QIg

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hvW_otKaT7OfJiWdld02vw&google_push=Aa02lx9BW4Sgaf-K7cFYFpf4psUMkv_odYD-Z50UdwBjB-XLZSDx6-zLXEjebDhucNuz4jJSWTRxHdzPWTciqXgGspkqUwTDwz1QIg
access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMMPUFyaot638DDAVwyXjmw&google_cver=1&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMMPUFyaot638DDAVwyXjmw&google_cver=1&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xNndtTW94RTJ1RWZfMURtSmtmSXpOYzVBaThYS0gxen5B&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xNndtTW94RTJ1RWZfMURtSmtmSXpOYzVBaThYS0gxen5B&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq3GNYZ13_KpmqJdxa2P3PLpTQlRSEM

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xNndtTW94RTJ1RWZfMURtSmtmSXpOYzVBaThYS0gxen5B&google_push=Aa02lx8z3zij9IQx4AfL4UM4n2a6OUVLP6wO1LR-SKUDr9VNdqCAzlmQ7EGg5Ayf9_jHTVxZxq3GNYZ13_KpmqJdxa2P3PLpTQlRSEM
date: Sun, 12 Feb 2023 18:03:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 334A
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBph-KA0z...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBp...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4d0a2809-db1b-41fd-ae53-dea2aaf20fdd&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4d0a2809-db1b-41fd-ae53-dea2aaf20fdd&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4d0a2809-db1b-41fd-ae53-dea2aaf20fdd&%%GOOGLE_PUSH_PAIR%%
date: Sun, 12 Feb 2023 18:03:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 334A 0
130 B 75ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Je_aL3JljI8-auQS-1UsAHjCF3EJcgagOCBvwf8Fh6V185GzwlvQ4dmYb3tpBehLmd_V0xT0A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 90F5 0
150 B 37ms
13ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=25929400118688500951389012233017&a=76e36c0a&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 01A8 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2243793815
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:56 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8A86 85 KB
31 KB 65ms
8ms Script
application/javascript 13.224.189.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=25929400118688500951389012233017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 08:15:15 GMT
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 35322
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zD12mkJ3ZbEc7GTABXfx3cdFhECw2OdmaixElqjHO4TkLdQqlkz5kw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 8A86 3 KB
3 KB 45ms
8ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1676225336&Signature=Sq32wrIVMECYWBozmqCN8oN5VCbaYPIOLcCdxOEeYqJemToxidAWNFaH5FlcNidCv-yyzaTZ2fFtoDmd-qOKob3I0nUBfP4nuGDzPug4RT3gh5a0A8WCK4A5jBzNLj-cXnMHu9g81pBcwCGVfN9Iot9od6Bxa4waqrFcNljpS3eZK2Nlu6ljo7AtYOqomRrQrm~x14eYNCKtX0aHS1xu9npJJsRywn~P94JHS~fKDsCxz9Cn43FFROaTqWGckxVNLDD48pc9l35yWC1cIkKj~x86zdN5OBY4~8OIDuf1XtnF4G5gwXd1~PX5u~66FLgcOKdHe8T4Kn53tnuE18hViA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755398&pi=t.ma~as.2458072068&w=728&lmt=1676225035&rafmt=12&format=728x90&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034733&bpp=5&bdt=251&idt=297&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&cookie=ID%3Da0c2c402c8cb1fbd-225c15028bdc0063%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ&gpic=UID%3D00000bb503269a6a%3AT%3D1676225034%3ART%3D1676225034%3AS%3DALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=2143776794&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44773810%2C31072288&oid=2&pvsid=3592967760079115&tmod=826852182&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.9xc328x70tr&fsb=1&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 12 Feb 2023 02:32:13 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 55918
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 2aIjQPib7AZZCBSjyBnSeqeqLip9s1HvihAjwcZytYG-_ccEHQsbiA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9532 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3440890330699800&bg=!XV6lXgrNAAaq5O5FiuQ7ADkAdvg8WhuofQekKhnKQ77jCwXKG8-_FESiqwiWlTc1t1hCRrrF5070o740XpNgKY3A7Xx1lFtSWQgCAAABnlIAAAACaAEHmQKrqyIZ4bf-6_KBnlMro__8tUpP1_Pnb4-9gsYjA60OSF_-pdFjRzOTUpkgtg-20sjNUCZKUXmPtQbhFjf-d8qdfwi_7KepMD0QD_Or2jmSdrh3LZKGeM5exyenGae6zWI2CClWDotAYHniGEfQ60vcKt1t07W7GcmWZZNCZKE7zdHgOuRBzEMcoorBEtGYnNpMMPbBPmgnVN4QeJ7efZefkOxubS3_A5nLc3uDyGcIzvVs_J9PYHcDZH68UbdeNe9RRpxGki-kjixvMDS5XjDJ4I1RDxw0FDK5q-2NS-_PJqdrLv7_XkU1U7ABxEp_vp8uOJRWxiEGgo4MPQ1ooFpqp8SnhHgiUUjF5nDnR7tDGzs8Bla9luBiIva1J6JbXr8O1DJtvIXzNDvAl8tXWa2CxUdDTAEa91-6QkdPJRB2RTkLKVaJ5ehIGApuL9g1nlXVBkXK7vvtBZ21QT_AOc05eHGRQFOc_jgcqipOjxK4KIsJju6ht3IN1Zojnzx9BAky6BgJkHc9KubsjoVG5A0f3aamGmAzYCeiXOxgAMC05vQ-KhgTP6BjSE-nv_TqMc2d0KDyKb-LTrOhP-91XxXV-u4dtgrGvMZ9Asr5LAGGRGxmGwkY3z-5fVk7LxK3F7qhBRYvu2yz20bkG2ut548Ia-xRPSqdyeWZMHt2MzeP3nHVwjx6SQkMLJCr6QL5VOXMGZ19eUJKFiAHQ8ov7MbsYyAdPikjJZkVZwNQI5Fok2VOtu7WFjWJ-DtjgBHlevDnHwnT_QWS4snf4r0K2EiYN4ActMNNubyRQ7TFv7o4WJ65AapulaVcFGb8KUgK_i7lgusDfSoGTzI9CcAgwFUpJhBSj4jAq7wPc2Mf0PUBJHHO1haWRqS6I5U8pA8GqXidklPACVlXt0s5SjU
Requested by: Host: my.germany.ru
URL: https://my.germany.ru/1356479
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D545 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=1592943485690680&bg=!srGlseXNAAaq5O5FiuQ7ADkAdvg8WtMsEXPOU_A0yExO0ptK-m12ZMPNwBqVGluzuo4uh1seg9h2jBxQNcGPggqUF_TpQe_Z71sCAAAB91IAAAACaAEHmQLDA2xb0l1p9gR0tbNMKCHveX8iEnR8w4j5cXHsW_QcyDOyTGtuFmvH5-UgIXnjuM-wVddgNnPnkx-OSkzUKKMKH6y43frNpdPe3PTt9H9VDathw2rxOTEqz4BgJUvzaWErY__dPnlnNkx7Fg1qLzdGi8tw-GwIjJ-G-oG8_3vExC7nbwrAh5L6Ohca3_nzackXQgZzYKrY_SE0UxWRwHzo__GyewulPYwwjwFzNRIAHTBP3k85p27KqYnZWE3HEnLGZEyW0LBOA1aXTIzXZy_KwYvGHpwL3ddOjtfmFtDYc37nUCaXNz_w9i3i8UjPrISsKY5aFHON6mWvhoi6SiA0GVSfVG0GIfmF4GSGjiHyTqT5a-AMpf_vJWkN_tyNd3KmIn3AcIizDIggRxN-z4QNhDKGf74O5RDnoZrC0hTORCMZTGM16-4UtsV_808rNyvvBxCokR_B6S06fwQop85FhGApiibtbe_fm66AXfymB2XdRXTBLhNWq_VszVReTJm0NTaL5GVrgEbeav9WuOPH5ER-3G5MIHLXYW42Bh3JiXcdNbk4jeD09QIKsmGERGbaPcowkjB8s5BDS1v8JBpbnJXzhK2ugtYTgw74fVTXtGFm-pXn6BfjFIGJwSqdm20Hy0tyZke73JMe9bCODrUlxn7NcD8QtZ9-TtFvIS8R_ZkgCxXZnzjpPB9obBVrc1gH8C9zo4o0DNA8q6K7NNTwc_4im6vcktA1o3Uyq0j_qz_A4zPupOk8GWjVDGIcLPBx8QyUyYiWyhMkqBTx4wAE1oob4gGYCA2iavg77AG6LTMfgtkPAgGjIQm5nfaVaY-iQ48i-WfecYtMy19uxE-QotyThx7vglbF1kT0poxW3D58clBsxAguZigk8Spopdo_2l7ySuvjdCfyiiEhwQ5sCmrmhGA6HrUEkKiYdMPle34O8kI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 36B9 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=645908094534508&bg=!5uWl5bHNAAaq5O5FiuQ7ADkAdvg8Wg3NvX0y5RT-vRqiDZW0hUJ61TF5tDJqzPQo5LD47S57r9-htXWzHQS1uJ3zKYPfASL9NrsCAAAB5lIAAAADaAEHmQLHD9J9WDYnE_YMX_RQYZ4V3IUro7g05bkQq-AS58ljdYSKCo75dSXVE18h_cfVb6grKptIIeeW0ZClZgAKkpTUuToM8J4ADHHjJ81uhs0xUkNArxEyxqJ4wbVmlV0sbI4hZ_z0Hk3Bt6X0aKlEl0B9w4Xr503Q_dfIWUIxnKq3a8OX_2iFCDMnkxBt6WOhy_F8e3jlYf3xqD4HsgTCi0ua_2CxX1cBekjX40Wcy0qQR9d8z-eQrK7Y67CBaRJUfcOtAJ3AdDm1Lqk9Fuw6HUAI898hUQPMMAReYCD6-AotNKLjxMm5LOXszmUzvBFz12nPtNUcoxhLJ8Ys_MmAh7qMlu88suW-i4pYGNlJivdXc7UpEJ3UgayCC1tUrimUHTUPVslyj3_89Fc5lJFaQYr61y0-AkaEsxcHRuXJetwOOVd_46KxWJwZMm3ji1Wxqnq0qZ1hKGKgXXhh-ImyiAvZNUL1w39mpDt8zXfwY1jOCiWy0-6Q8El1fd3wHcNW2uq3tdfCZ_hl9j__91NUVT3OssQNJ6-_WjvtVxFkVudQX6txkxqnyrpqeF5LHjoX4LKW9_LZf0MI5s-mVHCI92Nr34OzF6n-0jKjC1bwbhvLb1NwJFimRhA4QtHGzlaG8BLg1JWcE1I38YUG-iDFBtzR9MEhr7FOT8Ra8dKezG0vje3noqK8QBs34bXOfXGRzBq1oz4xlX8-vIp1YvZYHIOpWtCBNdMGkCPxPdoUkZPfKx9mgZcOfv4A4edHkKI6vr5bb9YKIAAan5wKdLvRSUeW6DqHfvDF_ZG2AEpFUdN8t6SNvBzC9It6GtHV1klH-ZmanWno1Al3PZVGLORAt5W-RMyJYSuXrLKqzpBepSpbOWdIhhGbuC62yMPc62ZvzdW0R5l1AeNwd8eScWXtHRZ-kIoDm14r0pdrgDZDpjdpE7ucFQB0RmA_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B992 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupF8NPMjFC2u4Z0A3HGvX8vWfjG59WWEUZZBbEUNz8clO9NRz_5U_mcPtUUdzfXGgF_jeij4qduKxF8J0V3CPrBWo&sig=Cg0ArKJSzCgBm6XUc0ScEAE&id=lidar2&mcvt=1001&p=0,0,280,970&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=0.73&if=1&vu=1&app=0&itpl=20&adk=3570679225&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676225034971&rpt=444&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F698 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZZdg1xoJdRuiB0kjzs2UdIO-7NSoJOELVeBOG-a1mc4GZ4fBW0RyOgHV3vwcm-BVEBs6ctizK5X8ZcCWTUKEVjPk&sig=Cg0ArKJSzJ5nSH4OlhM5EAE&id=lidar2&mcvt=1004&p=0,0,600,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2245745956&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676225034928&rpt=448&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4A9 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3592967760079115&bg=!z8ylzJjNAAaq5O5FiuQ7ADkAdvg8WoUU7cHP0EiNMquGoznYuzlmfj3q_lLq9dL1DnMuRcFJGf5muL8oDn0_xRUJ648o_9xIvZUCAAABtlIAAAADaAEHmQK1uBLac01nX0OEMLG0ZT_fAd-H_9xoMIfvhejXRYQ4OR-JwunVH7VzON5Zs1C41XeZtHUsodPnhYiHKG7hmvZlVY4lfuS7AybEd2ZXV9KIFlONr1cz6PnmVtXh6X5t1Bnw35Fjq_Fw92DegZjVGqigZcRmcWfNsc1D75sZmeS0VqRqjYftbWR54V1xxVMgfsc11SL0haR5hL28esFwc8_q6OPJEMa5i2TyMVoMdf8-EXuH9yOQgnfoR5XF8_Q2b9D48kyb5vP1m4BpW9xNguCQqlF1sGNvR4eiZM5myfrewSKiVwZN9k_A9b6xo6nndx7Nt8FuxuKt3H5MOF-we7Njy4ehPyt3Fn9OCcc8iVNPHZ1v9LcfowxtzWmmj2SIm9If5FQVwk87rl8ijol9cruine3GEfRgq4LdYTA6a2VNSNB4PKYuKnpvkRDr65323uLF5N6Wgv0MFPqdqJSrA4_fXw6ILpvE--6pwBwHrXrM-IxLVEOQuZfBvlE5UVp6BD4-Y9UBWiI2sSWZznYQW82v-dwKd9tUEia0k9xZZvugf_XgRwGxz3GXewIJTLYa9qrCTpEjKqsPZ2kH6k25AyO2I_jaFklUdB_Cj_m01OIYRbTIDAcTAIf67YREk7elwsAcES945dBRVwi2ndkcT0CSTJUtSAW6hQIKPuEKxAhJqGp78HOpyjUHh7zCxCLxwlCUDSPGIlkYqd1m3CZ8Q5YYPDEloUPdZQHHwex9jZJ_xxwrdbeVMAwW3hb-qKNpS4b9nTmgr6JtZI-fYXVyBXCLihrPgSwcHnUa_IrVn9T75DHvqNYmkRSBC7dtpggx1iW2ONfNlLPbeKjt4I9ZrUeEbMhoZu0BxO-Gd6GH5zZrl0Su2CPkknKo3cbG60JOibhzriVQ6DfoRXtBGtNCBl87So6ME-_U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 1BE5 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 98BC 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8A86 16 B
232 B 73ms
72ms Fetch
application/json 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Feb 2023 18:03:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 127ms
20ms Preflight 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 12 Feb 2023 18:03:57 GMT
server: nginx

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 90F5 0
150 B 36ms
13ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=25929400118688500951389012233017&a=76e36c0a&vb=v
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=25929400118688500951389012233017&a=3f163fda
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Sun, 12 Feb 2023 18:03:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 5a9414d7032845298cf142efb83ff42a_cpn_300x600_1.gif
static.criteo.net/design/dt/942/221223/ Frame 98BC 91 KB
92 KB 21ms
20ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/942/221223/5a9414d7032845298cf142efb83ff42a_cpn_300x600_1.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

490fa1eba6da36b04ea4dc2c1192e9870fb7c73a63f1c3126d8e10ff40417a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 23 Dec 2022 13:09:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a5a87b-16cdd"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 93405
expires: Wed, 07 Feb 2024 18:03:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TP4BKXBP5N&gtm=45je3280&_p=1885137553&cid=2002525937.1676225034&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676225034&sct=1&seg=0&dl=https%3A%2F%2Fmy.germany.ru%2F1356479&dt=Mangola%20-%20Germany.ru&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.germany.ru/	1970-01-20 19:13:05	Name: language Value: russian
.germany.ru/	1970-01-20 19:13:05	Name: skin Value: 0
.germany.ru/	1970-01-20 19:13:05	Name: track Value: sqthaDdNAxdrTg476504
.germany.ru/	1970-01-20 09:38:31	Name: _gid Value: GA1.2.1308761290.1676225034
.germany.ru/	1970-01-20 09:37:05	Name: _gat Value: 1
.germany.ru/	1970-01-20 19:13:05	Name: _ga Value: GA1.1.2002525937.1676225034
.germany.ru/	1970-01-20 19:13:05	Name: _ga_TP4BKXBP5N Value: GS1.1.1676225034.1.0.1676225034.0.0.0
.adscale.de/	1970-01-20 18:19:21	Name: cct Value: 1676225034497
.adscale.de/	1970-01-20 18:19:21	Name: uu Value: cbcd34ba0d814767b29c9bfd68ba6ba1
.germany.ru/	1970-01-20 18:58:41	Name: __gads Value: ID=a0c2c402c8cb1fbd-225c15028bdc0063:T=1676225034:RT=1676225034:S=ALNI_MYxBwILpjSgAd_xzSdvdvFciwRyoQ
.germany.ru/	1970-01-20 18:58:41	Name: __gpi Value: UID=00000bb503269a6a:T=1676225034:RT=1676225034:S=ALNI_MZ2J2oLRrCfyikZinyHGbyeHjR0Vw
.doubleclick.net/	1970-01-20 18:58:41	Name: IDE Value: AHWqTUkkzh9miqS762HsIQDUqBCNHLpxqt-0UywqNvjUnmcd43SH6uEQjJXmTUu5pVY
.mathtag.com/	1970-01-20 18:22:41	Name: uuid Value: fd5263e9-2a0b-4c01-8da2-19ea7d6c670f
.mytheresa.com/	1970-01-20 18:22:41	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPQPLLOJMOJJJZZZpc_q
.mytheresa.com/	1970-01-20 18:22:41	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay~%20
.mytheresa.com/	1969-12-31 23:59:59	Name: TC_CHECK_COOKIES_SUPPORT Value: 1
.mix-phoenix.commander1.com/	1970-01-20 18:22:41	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPQPLLOJMOJJJZZZpc_q
.mix-phoenix.commander1.com/	1970-01-20 18:22:41	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay~%20
.commander1.com/	1970-01-20 18:22:41	Name: TCID Value: 2023021219035510879533057
.mytheresa.com/	1970-01-20 18:22:41	Name: CAID Value: 2023021219035510879533057
.retailads.net/	1970-01-20 10:20:17	Name: ppb2172 Value: 2243793815
.futalis.de/	1970-01-20 11:03:29	Name: raSIDb Value: 2243793815
.office-partner.de/	1970-01-20 19:13:05	Name: source Value: {"webgains_webgains":{"timestamp":1676225036112,"clickCookie":false}}
.simpli.fi/	1970-01-20 18:24:07	Name: suid Value: 8ADC7F90E83F4EE7B49CB97693D39E5B
.yahoo.com/	1970-01-20 18:23:02	Name: A3 Value: d=AQABBAwq6WMCED6UozP3OuGyJlcN4LflovYFEgEBAQF76mPzYwAAAAAA_eMAAA&S=AQAAAsd52kdKYpe8Txnq4E6EoWs
.de17a.com/	1970-01-20 18:15:29	Name: guid Value: 1.270765128917450104
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3mwmrhxhgifnmorqd3twhamp
pb.media01.eu/	1970-01-20 19:13:05	Name: DTU Value: AB230E6AD8F8C5233F4315E0531582EF
.analytics.yahoo.com/	1970-01-20 18:22:41	Name: IDSYNC Value: 18yx~29yi
.360yield.com/	1970-01-20 11:46:41	Name: tuuid Value: 86f5bfa2-d29a-4fb3-9f26-259d95dd36bf
.360yield.com/	1970-01-20 11:46:41	Name: tuuid_lu Value: 1676225036
.bidswitch.net/	1970-01-20 18:22:41	Name: tuuid Value: 4d0a2809-db1b-41fd-ae53-dea2aaf20fdd
.bidswitch.net/	1970-01-20 18:22:41	Name: c Value: 1676225036
.bidswitch.net/	1970-01-20 18:22:41	Name: tuuid_lu Value: 1676225036

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=600&slotname=7588654406&adk=2245745956&adf=3279755401&pi=t.ma~as.7588654406&w=300&lmt=1676225034&format=300x600&url=https%3A%2F%2Fmy.germany.ru%2F1356479&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676225034680&bpp=3&bdt=189&idt=223&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&correlator=616708576777&frm=23&ife=1&pv=1&ga_vid=2002525937.1676225034&ga_sid=1676225035&ga_hid=1323094820&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1290&ady=378&biw=1600&bih=1200&isw=0&ish=0&ifk=3625558336&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072224%2C44779793%2C31071662&oid=2&pvsid=1592943485690680&tmod=717085120&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a2qd127d2vju&fsb=1&dtd=246 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cat.nl.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
cs.mytheresa.com
csm.eu.criteo.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gaa.adscale.de
googleads.g.doubleclick.net
h.germany.ru
hal9000.redintelligence.net
hal900017.redintelligence.net
ih.adscale.de
js.adscale.de
mangola.strana.de
match.360yield.com
medialead.de
mix-phoenix.commander1.com
my.germany.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.mathtag.com
pv.medialead.de
region1.google-analytics.com
rtb.fr.eu.criteo.com
s.ad.smaato.net
static.criteo.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
tt.germany.ru
ttn.germany.ru
um.simpli.fi
ups.analytics.yahoo.com
www.germany.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
13.224.189.29
13.42.68.116
138.201.192.69
142.250.186.66
145.239.193.130
159.69.70.9
178.250.2.148
18.156.94.30
18.169.219.247
185.29.132.242
188.40.142.195
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
213.155.156.164
2600:9000:211a:2000:1b:5138:8a40:93a1
2600:9000:21f3:6400:f:4f64:8940:93a1
2606:4700::6811:190e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a00:1450:400d:803::2001
2a00:1450:400d:80a::2003
2a01:4f8:d0a:2321::2
2a02:2638:1::17
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:2638::c
2a0b:4d07:401::1
3.120.61.63
3.126.56.137
35.156.135.89
35.181.77.138
35.204.74.118
49.12.22.42
54.76.176.197
75.2.86.129
78.46.111.106
88.198.250.30
92.123.37.164
94.23.99.218
98.98.134.241
99.86.4.52
003a64d89205d1628cdfd77f36463c6b24afff7cd75f4a0dfd855dd896b62164
00a40e4ac0b401477d09c9432475d9d5044a854bc4afe251bbc99483a20f3c68
01bcd7a112aebb95ac0c244360c89d2e23f9517e40c890bfb26e72883e919992
0486ed69d3cb54a56ebde54c70116f76c8e11c535e0e15331b4b99c75b913703
05f09f09f1a14aff15310438bdda8a7c26ca04caa12e305b665d5e48cc2253f7
0608d892b555cefe4060c238303a8261673da704a7707808dd5d8af703792f2e
069ac261a5bec6cac5978302a18ae038b0e052511723603810566a6d5213a6b6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
122e4507eed63f7201504f03fdf66194c3de110ed887824df649584e66d0fb26
132ae0a59d120b8eecc5def619efcdeb715fc5b003c927aaf37bddcccff96cd9
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
162974afde6c5452587d6eee6a4d2481e0716788fcd049409498a0aba56dd99a
18d16743f29e1d988af192e45168077fa66d1c6bd25614ffc69b52fac81ea9ab
19b6345ef6f44bf3aab769ac231d4097e169bc3383c98e9e38e32816f2185f99
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1ccc98018fd6355ad8a4354ecd1ad556fb9551f4868f3318238d80ac2ad5284a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24beede3646ee0eedae211cf0fea2535b4e454ae9b57f0c39609cde46d663adf
25d5abd346cb3c925246ac85610c6d5629ba9f30a13b02b041718d1da9dc7b58
275a69ee1a5974eb99fb056eceff7b84bcf13d7bac9588e5080bc62a790f9779
277530981cda7ad4b338913a16521b2c44d87614dedfa88c62c99319851ddc66
27c282d8bf0c2b50371403ed5fc0002023719ac41f4ecd8688e610801a6e97a6
280f628fd9d0a6f780202257be7609d26865d9d61e9b9780be63169f2ebe1525
2cdd5ac8a3c2e35476af241001b3e3f33bab75dedb3926aaaee71d71eeac0c28
2dd9e534b405733ef3eaef91bf0d4700c507b5a1dc694dad61f3d8f27ec44b03
2eafef8685817920107164084a7f051cc733c8371cd4f227f361431a0c3e4318
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345359057bdcfc5cdbb74bf6002a339f5a6df9632e78d8dd32383fa351c8a81f
3676c7e1de77b00773b81fa4ccf5bb1ddbc32f0c80e91303d7973dc7ac77321e
37c741a1dc667159251aca3d56bb63f4d7e624075f4fd1eede6068ed0104dc6e
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3ea71896c74dc9df5844e6eafc42d49534c6e0e05ac3d35a1a105613a8b09324
421ca725a49e2f08831dda6f2e2ac9db80de5c37f6b3b4f5c4c7d9051cf12c4c
4398ea7291a151cbd8392b8b5b6862b9ae3d3efd1a63964b6e130b10343c02c3
4530759d970509ac35adaf25a108d10293ffc00185266279d499278b0744c77a
47f91d432682570e31c146ac504f5bb13441bb8d244685709f466051fb0be81b
490fa1eba6da36b04ea4dc2c1192e9870fb7c73a63f1c3126d8e10ff40417a7f
4a0c7b9202d89402f14f6858a6d6ad6f75cad44bb6de80a0ab250ad2b7ef2e0d
4ba8103810190351d8e8a449e03d0e5a479c65a51066a26e8fbdbce77dce91ec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fddc082f92a3994c8de58ded5f90589a939dbb2f97ed3b02e5f5cf41f7cc253
51b3f24d652233d69d0c9e69da3d1173f5d5bff754103d062259fc0fdafa399e
522451fd75cf09c6212095e4f1c197c4bbba37e475af48c1565dd8fd0ac711bf
525ca152cdde9c1b9d266a5aafbf40510b32f4e5140c69d0019da321942185e3
53029bd52ce68ef409d482286ed118409ad98821ad52ca971da9f98103821312
53168bac7c57cb3c8a748a4a9473c29799bd27c8ca0287b40dff75e01905f798
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aa346301f5ffcad8db21102cad33892f9f107b209b1d0c08df861b6c8cfb8e7
5e5b7c5405a82a32e59de1283a2569a44698c084f5c0a6da0e5f59936a970174
5fc22c4e8568dbceadaffcd69e8fefccef154165ed4dcbbea63f34e7c9b2e17b
5fe97e8d84a38b830d49111a32dde043021d93cd2c70b2373a862b2f99847183
602bebccd3f9cac9e53280a9cbe665893556da58bd6cdb536cf1d4114377a86c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6459caed1e4d404efd9914cb9d605afadcc90ad103c37854bb0ddd13c08b20c3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67d8f00d442f5c27bc4a9cd4d9a9414a7fc888124c49b78bee26719ecf92ce52
6b2f393d84a1ccf3661f64d86c69ecbe7fc5bfe2a7cb0669139c5f98403f71a3
6c74bf413092070b534400ee1d148db470782d019a283142f598b09b93d998df
702ee4eac991f18ce23e0784a03fa1663abf0f17ae76e83ddb049851c58173ef
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72eb25e65a6cf11914e57ac9c72a128f144c193f2c21f75198e896e26a99c4a1
731f1eb40315f0eb7928b43f3476f7b24896247ca790899fff074d2f1f633ba3
75984ff0b46d9fbe73e2ae13058996eb6d1372effebe7e42f670abc490adf152
7623e3dabbcb4918185bdefe006d9ff2266b24d2bb244d97522df6d806f2832e
76dc3426252df044483944bc2e779e3c5050984db9259c2d766eebea67a48236
7b1747bec52ea01f3de75a9201120dafe45b6a72734a87624cd5d5107afd2c36
7e5be3da581cb25ab7e553a7fc547508bd79de95435107484f24a8e9049d6c07
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
7fd4b9696a19d1e8b521192f799bd2885a6943977005afd74d839503e1dcda6f
827dfa5823a7da58bf9e8d3277f40011f2afed7fcc2f1a2e0ace062d9d6a3e87
8422c8819355110736e326e8a4c974f3cba9b4c15cfe1fdfa562f020b659271c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dac06246c41e07cf74291618cb28e5b31a03fb2b7279368e85e8a931eb3a09
896e5e481f11aca94ea033a17b81dcc44af0c5ce19fe4c459d5503638312366b
8a1942009e5cf6587f01f8c22680fa8d8a87ccdd2128bc3f1e94776780d2cebb
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f7ce50876bcdc5c3d6ed2693e7e493a00b43392976b07db4b62ea64b8240805
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
966adf353f5e4d8bc10f941bbb2e7daaf891dec113ba491dc5d435a20d2823fe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd38800c6cd48e26d7b8befa66b4652795ed59956f799260765a7add9a4fc65
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f3852b186cca1eb720e5988afd6173c8cc7025846381f7b723f84cb8dfefb25
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1288ecd2fa4fd5062c109f2037c1e40427cbaaaa98d6d6dec005435d7744a39
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a377d904d0302671c6f45af9c57876759f5aa839266aee95515a3b1ceb17ee5d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
abb6937342832a254ee8f50572c1311bb5c509dc9326193d7a030e339d2d2c85
ac717aea7177fa17d3f2801da41de443db7113d4645e6cc7fb1ecec7cd08ba5d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d0de10a344b5e0f0dac7bc76c5afcafdd997a6fb996c5f3dc2157512e713f6
b2f686b3f894543e047002a16feede7d5f492e024199cdc26d1f0fd9e61c4373
b55a48fa0db13c7bf8d1232280b3fe19895cb0b6ef58a9b5e77eaad53fc7d6b5
b63735925efc2153f68cfdee6f846fd6d0277a5925639180fb72686ea92302cc
b7fd6a2dfb48b58ef68d24b0309e1e34ede3262dca1f93c9f5c4aa5ce0bde3e2
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bfb80903aef5fd75e90d6af0538115bd5d2b524fc17e6fffc1e995e86e85f13e
c047dfa9953d95dccd8475fb52b8c5f80b93042b01408c0f941231fe0aa24667
c0a3d5e5cb50046cbdcfbe76c0c3b3bef8134d706d9d75e8e6bb3e1511030aac
c18882a8a5fc37c7b487e11ef1d0f04bbec8df9f5001cac32630b0395f291612
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4d662721a6b8a97635c701ce6ed96517836e1ccf93df52554ced95a7f142770
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c666026184af1594f499ab1608df2f7640ec128c65ceb4575fe1e917a80685d7
c6c5a0858c896086bade97776b401d28b9001003c07df729c04ff4c805c81ac1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
caf03fbfdb340f4699d25c24246b23159946c9c228ae726b9c7556ad8de501a0
cb9e9ee07b0961e737bdac42f4d39f91621f28ce2ab326f040b0144e358560ce
cd3604873a59f3aa2958cc0547094e0b283d7f267a4594e704aaac6872c03e83
d1f1af70e42ce7d9ff7c08555781c2b3da8feff3d8e5b7c6f5d0b38a19b7f730
d1f4dc1b9e68fc6db831a17f9c2eb67175c36bec79cd4d29ec4eb7ab61840a05
d5ee82a3fc08cc41cbd860ad2f38d45bc309db3a19846c8c0e822743d6730f65
d621b11566f77cc82fdb433e6042b35e0b401edad822755f6c3085d4534b8a4e
d6395ae2c5192b156c0ad3a09d9f18f667d5637e590787feaf8f53d90587ef71
d9b8557c16ce78263c0cf25baef1e2e59956692bb26b55a0f1bcb7504ef8066a
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
ddef41a126c776d129c10dea2d39cdbf28462b180ecf858d9dff226d49a449f3
df0afbcac71eda0e189a2b70c5241beae9d0e990074727542cb05a93650fb6de
e08ecb85f947fd5f442332879a817ba5a3a645bee8ea7a3f39212348e50d97e0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ba2238535ca1feb169b4d57ab6ec11d3d6e0c3309aa57e59866cea43259e99
e5b947215501ffb292d5b85ad9c976f687f2e3cd8af7fcc1b8574276e9625b3a
e60afaff5ca418d54e55f309e91e509093ac8e1840a173013b1dea4f616a5ac3
e6a407dc18a07c29b1844cafc753c0f98f6f44da75eaa30b7ef106280a5187fb
e6dee35a827763ee17121e5ff05a8cd36ae4c50525f0bfcb5b83364a446db96e
e863b80083f3553afa2fe3cf46fd966d881365056e43908cbb42613ac91906b5
ea25c8cdeb8cc992455c1dadb6b83753ab3c752d534821aef44bb32e45d17a49
ea6df1376bc8f578fac029fc5b4a5606d64e45150165e4026087df1afd29eeb0
ec836978f5b8719542d7769820f0f3c6d3b03bdfbb4fcc68d7401bc8fabe83ca
ed1f3f185ce30c053aa9d7e8420a5360cf8fe9b48f0164ddc7359f836498a1ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f41460caba986527812bbc0aca59a5991e94c63ad31c613f8a60658bbd0ce727
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6340047533842f4a5c575d504d8463d80845aabcf8086a0763c1c0571dc33f9
f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea
ff392030680f7164f94364c8d5ce16468cf87fd0e83f2fa0ffe7e22ded44ca86

my.germany.ru Open in urlscan Pro 138.201.192.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

96 %HTTPS

50 %IPv6

37 Domains

57 Subdomains

45 IPs

10 Countries

3063 kBTransfer

7236 kBSize

34 Cookies

29 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.germany.ru Open in urlscan Pro
138.201.192.69 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

96 %
HTTPS

50 %
IPv6

37
Domains

57
Subdomains

45
IPs

10
Countries

3063 kB
Transfer

7236 kB
Size

34
Cookies

223 HTTP transactions
5 data transactions