service96.ru Open in urlscan Pro
185.41.160.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.service96.ru/
Effective URL:
http://service96.ru/
Submission: On April 04 via automatic, source certstream-suspicious (April 4th 2022, 5:06:10 am UTC) — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 61 HTTP transactions. The main IP is 185.41.160.219, located in Russian Federation and belongs to INTERNET-PRO-AS, RU. The main domain is service96.ru.

This is the only time service96.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	185.41.160.219 185.41.160.219	44128 (INTERNET-...) (INTERNET-PRO-AS)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
61	16

12 185.41.160.219 (Russian Federation) 1 redirects

ASN44128 (INTERNET-PRO-AS, RU)
PTR: vm-0495e67e.na4u.ru

www.service96.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service96.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	271 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	205 KB
12	service96.ru 1 redirects www.service96.ru service96.ru	229 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9053	3 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	15 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11668 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325	56 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2894	50 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8069	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	645 B
61	11

	Domain	Requested by
13	pix.eu.criteo.net	ads.eu.criteo.com
11	service96.ru	service96.ru
7	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	service96.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	mc.yandex.com	2 redirects service96.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	mc.yandex.ru	1 redirects service96.ru
1	www.google.com	tpc.googlesyndication.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.service96.ru	1 redirects
61	18

This site contains no links.

Subject Issuer	Validity	Valid
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://service96.ru/
Frame ID: 734779FD864252E44F693B0FAD035A68
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 5304D12C9CDBE32C6A68D211994FDE18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&adk=1812271804&adf=3025194257&lmt=1649048765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fservice96.ru%2F&ea=0&pra=5&wgl=1&dt=1649048765016&bpp=2&bdt=294&idt=357&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3436690887478&frm=20&pv=2&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=373
Frame ID: 4D4E108F19E146CDEFFF4D223767021D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&h=280&slotname=4247864494&adk=1364232947&adf=1387179365&pi=t.ma~as.4247864494&w=705&fwrn=4&fwrnh=100&lmt=1649048765&rafmt=1&psa=0&format=705x280&url=http%3A%2F%2Fservice96.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649048765018&bpp=1&bdt=296&idt=375&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3436690887478&frm=20&pv=1&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=568&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LssPOf5OOi&p=http%3A//service96.ru&dtd=380
Frame ID: 7EC752CFC0EB635751748521CDE008DE
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ykp8vQAG74YKmrDLAAM3NQ0TKA1VP3t1AXW_Eg&u=%7ClX3TLZGXcsWVBzMyougozonyYI5fzSzI6lS8ao6NXtc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcjufa-rm1QUXI2NGVSi9d6ugHqtCoh_cAPvzVEamr7sa_DYlmRcmDck3XKsaTRxASMgygZ_75QkkakD4r3XIcnG72BUUcaF3tr-558mgTMLerUqFa0QBYRkrOVC7ABcrlEMkCSQBZR5CqsMB2onEZrU5gYJTyuQLxRAFooQ9rwYiBJJSmAx3rSGVUi1NMBSqY-r4BY4YLzUYI17vO-W5klMYPSj225AARbcO7TueX7MCngJsVRelLNTm9lv2ybOvtHvaofcxhE1Lk2OZdR86N8rul_YQy8T0wuvMkwN6zWKVs2CpJNJ4eUC1qahKmM4pKZsd-5SEjkmZI6xik3kuwfkerB_u0O0WF_mSCHDaWai2leyF_Oby5reNFbt__sYsk1iJvsfj9wA0HojL-YOoM4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuMn6vXxKYobfG8vh6gS17oyoB8me0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTczMzIwMDE0MjMxNjI3MjOgAdW20uoDyAEJqQLY4aKjCImyPqgDAaoEuwFP0Dt7atuLq3Nn4e3-kK_Ea7V5KjW4-QkBJR63kDPldkBtv-rSG1ITJmzpYR3VWeSATVK-MsXJDOiQXT99T7Au0zmxvVE1SgPfTkaCAIlWrY3ZhzJDcUKQa5KwOEJAdFMqikmxIsDUSwqaUZVAxgsDECodwstwlRk9kutflk1GGUBd-sGYM2I5qtPaOK4aAUi4NbDkngtLRyk1gTDvVodJH7zSYzwCZB5uThUXw42AE1CYk-CaA0ijQ29DgAaU2YjNm-S-lfABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0teVxbPJr_GZlihQdF0373JxVyJg%26client%3Dca-pub-7332001423162723%26adurl%3D
Frame ID: 5E7AD0EFFE803100D9C4AC47E3F4636A
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D8A71434865CE83344D0BB7739C8CAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A71F85C0C2227757B1302FC19C2701B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Автосервис service96.ru - перебортовка, баллансировка, шинамонтаж, чистка форсунок, диагностика двигателя, замена масла, замена колодок, ремонт подвески и другие услуги автосервиса.

Page URL History Show full URLs

https://www.service96.ru/ HTTP 301
http://service96.ru/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

61
Requests

77 %
HTTPS

67 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

865 kB
Transfer

1589 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.service96.ru/ HTTP 301
http://service96.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9598.b_r3TGkj_Xn40qkyplUutrcKuFnNGdEcyY2Q2hSZkyZ0DXu9O91ELKcyLDZBnVui.eTIb0P-sA2MrdwmGQSgxQPQXQzo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9598.yqKhGFAaO475eEPboC0JfKt-Url3aF5KBIji9dkczv0RsU2jipOP0o3I2GAskL4T2eb3DVnmCpC0eyEYIaEbWA%2C%2C.cPDpliCqlnb12s0sumVLRM_TFEU%2C

Request Chain 16

https://mc.yandex.com/watch/46808037?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1039662332940%3Ahid%3A720325010%3Az%3A0%3Ai%3A20220404050605%3Aet%3A1649048765%3Ac%3A1%3Arn%3A1043747705%3Arqn%3A1%3Au%3A1649048765338852354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1649048764275%3Ads%3A79%2C68%2C78%2C1%2C217%2C0%2C%2C175%2C0%2C%2C%2C%2C619%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649048765%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20service96.ru%20-%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B1%D0%BE%D1%80%D1%82%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D0%B1%D0%B0%D0%BB%D0%BB%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D1%88%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%2C%20%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D1%84%D0%BE%D1%80%D1%81%D1%83%D0%BD%D0%BE%D0%BA%2C%20%D0%B4%D0%B8%D0%B0%D0%B3%D0%BD%D0%BE%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B4%D0%B2%D0%B8%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D0%BB%D0%B0%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D0%BA%2C%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%81%D0%BA%D0%B8%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0.&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/46808037/1?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1039662332940%3Ahid%3A720325010%3Az%3A0%3Ai%3A20220404050605%3Aet%3A1649048765%3Ac%3A1%3Arn%3A1043747705%3Arqn%3A1%3Au%3A1649048765338852354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1649048764275%3Ads%3A79%2C68%2C78%2C1%2C217%2C0%2C%2C175%2C0%2C%2C%2C%2C619%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649048765%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20service96.ru%20-%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B1%D0%BE%D1%80%D1%82%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D0%B1%D0%B0%D0%BB%D0%BB%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D1%88%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%2C%20%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D1%84%D0%BE%D1%80%D1%81%D1%83%D0%BD%D0%BE%D0%BA%2C%20%D0%B4%D0%B8%D0%B0%D0%B3%D0%BD%D0%BE%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B4%D0%B2%D0%B8%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D0%BB%D0%B0%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D0%BA%2C%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%81%D0%BA%D0%B8%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0.&t=gdpr%2814%29aw%281%29ti%282%29

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
service96.ru/
Redirect Chain

https://www.service96.ru/
http://service96.ru/

28 KB
9 KB

225ms
78ms

Document
text/html

185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://service96.ru/
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: eeeaf57a09aff5c28c5b3620365c0cfa44c14640b545bfeebf409f6c7713d731

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8787
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Apr 2022 05:06:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.52 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 04 Apr 2022 05:06:04 GMT
Keep-Alive: timeout=5, max=100
Location: http://service96.ru/
Server: Apache/2.4.52 (Debian)

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 130ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: service96.ru
URL: http://service96.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538436037efb1e9e46a1246e076795b46b763ab41b20d71f92761702536b638c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 04 Apr 2022 05:06:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2967331814342084262
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 54032
X-XSS-Protection: 0
Expires: Mon, 04 Apr 2022 05:06:04 GMT

GET
H/1.1 200
OK reklama.css
service96.ru/templates/ 221 B
479 B 69ms
68ms Stylesheet
text/css 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://service96.ru/templates/reklama.css
Requested by: Host: service96.ru
URL: http://service96.ru/
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 97d3bac1cae0aca29ae58aee1417c1b5d77a5dee00502ebc5b4c9273efea5ada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Dec 2013 16:02:23 GMT
Server: Apache/2.4.52 (Debian)
ETag: "dd-4ed94d21e81c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 145

GET
H/1.1 200
OK links.js Show response
service96.ru/js/ 601 B
676 B 129ms
64ms Script
application/javascript 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://service96.ru/js/links.js
Requested by: Host: service96.ru
URL: http://service96.ru/
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 52ff3e4c6563214afa89cc08e3f8b83a63e5a16f63539e225ba77514deedd25f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Dec 2013 14:38:45 GMT
Server: Apache/2.4.52 (Debian)
ETag: "259-4ed93a705e740-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 326

GET
H/1.1 200
OK style.css
service96.ru/ 3 KB
1 KB 124ms
62ms Stylesheet
text/css 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://service96.ru/style.css
Requested by: Host: service96.ru
URL: http://service96.ru/
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: ea29e5b96406b9dac427a26d82fea01ff79915baefa2d5635c15aa3ece6de99d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Jul 2012 03:08:34 GMT
Server: Apache/2.4.52 (Debian)
ETag: "c4f-4c603608e9080-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 900

GET
H/1.1 200
OK logo.jpg
service96.ru/img/ 9 KB
9 KB 64ms
64ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/logo.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 4dca09c308dd5c3be9b40580dac997575ab7e27480c9dc0045faa07d49f2db19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Wed, 25 Jan 2012 05:58:41 GMT
Server: Apache/2.4.52 (Debian)
ETag: "245c-4b753f49de640"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9308

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 130ms
62ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: service96.ru
URL: http://service96.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2b4925fdd46a1f64dd4fd132df492eb66baafce87b3c3ef580193e716e5a61ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:04 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-c4e1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50401
expires: Mon, 04 Apr 2022 06:06:04 GMT

GET
H/1.1 200
OK phone.jpg
service96.ru/img/ 8 KB
8 KB 63ms
62ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/phone.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 9f8d80428bb72c87624ac4dbecbc18b84690b65cf9b35f25599bb77ca58f4955

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 13:57:19 GMT
Server: Apache/2.4.52 (Debian)
ETag: "1f04-4b62ce4b92dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7940

GET
H/1.1 200
OK map.jpg
service96.ru/img/ 8 KB
9 KB 70ms
70ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/map.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 4c34beebfa06582d12b3fd592c4fd15ad2b79644cb3704a2da26f475e66e96d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 13:57:19 GMT
Server: Apache/2.4.52 (Debian)
ETag: "20ee-4b62ce4b92dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8430

GET
H/1.1 200
OK head_img.jpg
service96.ru/img/ 167 KB
167 KB 131ms
65ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/head_img.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 493e0f2cf234207a2109c97a22328107c3770c4137f4f6f5f2068c1193c733be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 13:57:23 GMT
Server: Apache/2.4.52 (Debian)
ETag: "29a4a-4b62ce4f636c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 170570

GET
H/1.1 200
OK clock.jpg
service96.ru/img/ 14 KB
14 KB 128ms
62ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/clock.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 71170ca0d52948778312522f272d9a3e7f1bb0ac02e52da56ef29dead74db119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 13:59:40 GMT
Server: Apache/2.4.52 (Debian)
ETag: "38b4-4b62ced20ab00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14516

GET
H/1.1 200
OK bot_menu_bg.jpg
service96.ru/img/ 2 KB
2 KB 114ms
64ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/bot_menu_bg.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 871f32637f50c01b7b0a3119cc5a3fa6b72e2e069ea3272fedcc672e5600b996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 14:20:52 GMT
Server: Apache/2.4.52 (Debian)
ETag: "75c-4b62d38f1d900"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1884

GET
H/1.1 200
OK logo_bottom.jpg
service96.ru/img/ 8 KB
8 KB 68ms
65ms Image
image/jpeg 185.41.160.219
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://service96.ru/img/logo_bottom.jpg
Requested by: Host: service96.ru
URL: http://service96.ru/style.css
Protocol: HTTP/1.1
Server: 185.41.160.219 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-0495e67e.na4u.ru
Software: Apache/2.4.52 (Debian) /
Resource Hash: 163cad37100deab1fe7c837816abda573edf0a1362c83b51d7e02437de7716e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 05:06:04 GMT
Last-Modified: Tue, 10 Jan 2012 13:57:31 GMT
Server: Apache/2.4.52 (Debian)
ETag: "1e93-4b62ce57048c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7827

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 301 KB
108 KB 207ms
89ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7332001423162723&plah=service96.ru&bust=31065972

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a30f0c3d2793dfd3db9f51e71079e551d291822f5897525efb7a96663434f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110228
x-xss-protection: 0
server: cafe
etag: 7108742092155207973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 05:06:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 5304 10 KB
5 KB 177ms
55ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 20376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:26:29 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9598.b_r3TGkj_Xn40qkyplUutrcKuFnNGdEcyY2Q2hSZkyZ0DXu9O91ELKcyLDZBnVui.eTIb0P-sA2MrdwmGQSgxQPQXQzo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9598.yqKhGFAaO475eEPboC0JfKt-Url3aF5KBIji9dkczv0RsU2jipOP0o3I2GAskL4T2eb3DVnmCpC0eyEYIaEbWA%2C%2C.cPDpliCqlnb12s0sumVLRM_TFEU%2C

75 B
75 B

32ms
32ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9598.yqKhGFAaO475eEPboC0JfKt-Url3aF5KBIji9dkczv0RsU2jipOP0o3I2GAskL4T2eb3DVnmCpC0eyEYIaEbWA%2C%2C.cPDpliCqlnb12s0sumVLRM_TFEU%2C

Requested by

Host: service96.ru
URL: http://service96.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9598.yqKhGFAaO475eEPboC0JfKt-Url3aF5KBIji9dkczv0RsU2jipOP0o3I2GAskL4T2eb3DVnmCpC0eyEYIaEbWA%2C%2C.cPDpliCqlnb12s0sumVLRM_TFEU%2C
date: Mon, 04 Apr 2022 05:06:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 32ms
32ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: service96.ru
URL: http://service96.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 04 Apr 2022 06:06:05 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46808037/
Redirect Chain

https://mc.yandex.com/watch/46808037?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/46808037/1?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

338 B
471 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46808037/1?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1039662332940%3Ahid%3A720325010%3Az%3A0%3Ai%3A20220404050605%3Aet%3A1649048765%3Ac%3A1%3Arn%3A1043747705%3Arqn%3A1%3Au%3A1649048765338852354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1649048764275%3Ads%3A79%2C68%2C78%2C1%2C217%2C0%2C%2C175%2C0%2C%2C%2C%2C619%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649048765%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20service96.ru%20-%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B1%D0%BE%D1%80%D1%82%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D0%B1%D0%B0%D0%BB%D0%BB%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D1%88%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%2C%20%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D1%84%D0%BE%D1%80%D1%81%D1%83%D0%BD%D0%BE%D0%BA%2C%20%D0%B4%D0%B8%D0%B0%D0%B3%D0%BD%D0%BE%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B4%D0%B2%D0%B8%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D0%BB%D0%B0%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D0%BA%2C%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%81%D0%BA%D0%B8%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0.&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: service96.ru
URL: http://service96.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0b00ea42ccc76b7236fe2e0fe17f4b858d998a8c60315f65b04b5f8a367eec66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 05:06:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 04-Apr-2022 05:06:05 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://service96.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 04-Apr-2022 05:06:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Mon, 04-Apr-2022 05:06:05 GMT
location: /watch/46808037/1?wmode=7&page-url=http%3A%2F%2Fservice96.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A630%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1039662332940%3Ahid%3A720325010%3Az%3A0%3Ai%3A20220404050605%3Aet%3A1649048765%3Ac%3A1%3Arn%3A1043747705%3Arqn%3A1%3Au%3A1649048765338852354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1649048764275%3Ads%3A79%2C68%2C78%2C1%2C217%2C0%2C%2C175%2C0%2C%2C%2C%2C619%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649048765%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20service96.ru%20-%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B1%D0%BE%D1%80%D1%82%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D0%B1%D0%B0%D0%BB%D0%BB%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B0%2C%20%D1%88%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%2C%20%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D1%84%D0%BE%D1%80%D1%81%D1%83%D0%BD%D0%BE%D0%BA%2C%20%D0%B4%D0%B8%D0%B0%D0%B3%D0%BD%D0%BE%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B4%D0%B2%D0%B8%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D0%BB%D0%B0%2C%20%D0%B7%D0%B0%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D0%BA%2C%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%81%D0%BA%D0%B8%20%D0%B8%20%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0.&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://service96.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 04-Apr-2022 05:06:05 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 111ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=service96.ru&callback=_gfp_s_&client=ca-pub-7332001423162723

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7332001423162723&plah=service96.ru&bust=31065972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6c342c29010384bff8f2b24cd5ebfea0401b2e052513a717ce43506ee5f6de0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 195ms
67ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=service96.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 179ms
66ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=service96.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D4E 0
179 B 110ms
109ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&adk=1812271804&adf=3025194257&lmt=1649048765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fservice96.ru%2F&ea=0&pra=5&wgl=1&dt=1649048765016&bpp=2&bdt=294&idt=357&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3436690887478&frm=20&pv=2&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=373

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 05:06:05 GMT
expires: Mon, 04 Apr 2022 05:06:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EC7 23 KB
10 KB 325ms
325ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&h=280&slotname=4247864494&adk=1364232947&adf=1387179365&pi=t.ma~as.4247864494&w=705&fwrn=4&fwrnh=100&lmt=1649048765&rafmt=1&psa=0&format=705x280&url=http%3A%2F%2Fservice96.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649048765018&bpp=1&bdt=296&idt=375&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3436690887478&frm=20&pv=1&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=568&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LssPOf5OOi&p=http%3A//service96.ru&dtd=380

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

194fd8ffa7ad36fe2ef78ec1ed84b31dcbccdae7e475f5c49f6fd6b26590b10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9774
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 05:06:05 GMT
expires: Mon, 04 Apr 2022 05:06:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 7EC7 2 KB
1 KB 178ms
60ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&h=280&slotname=4247864494&adk=1364232947&adf=1387179365&pi=t.ma~as.4247864494&w=705&fwrn=4&fwrnh=100&lmt=1649048765&rafmt=1&psa=0&format=705x280&url=http%3A%2F%2Fservice96.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649048765018&bpp=1&bdt=296&idt=375&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3436690887478&frm=20&pv=1&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=568&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LssPOf5OOi&p=http%3A//service96.ru&dtd=380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 05:02:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EC7 119 KB
37 KB 199ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 05:06:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 7EC7 15 KB
7 KB 174ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:54:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7EC7 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CraKUvXxKYobfG8vh6gS17oyoB8me0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTczMzIwMDE0MjMxNjI3MjOgAdW20uoDyAEJqQLY4aKjCImyPqgDAaoEuAFP0Dt7atuLq3Nn4e3-kK_Ea7V5KjW4-QkBJR63kDPldkBtv-rSG1ITJmzpYR3VWeSATVK-MsXJDOiQXT99T7Au0zmxvVE1SgPfTkaCAIlWrY3ZhzJDcUKQa5KwOEJAdFMqikmxIsDUSwqaUZVAxgsDECodwstwlRk9kutflk1GGUBd-sGYM2I5qtPaOK4aAUi4NfLmv5nMyLUmPqz79Vd0uUTbdza0bjB2zKHf_ityrE60i2Uwh1scgAaU2YjNm-S-lfABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzMzMjAwMTQyMzE2MjcyMxgA&sigh=I3BipkFF3KU&uach_m=[UACH]&cid=CAQSGwCNIrLMu9bCUBKE9Mf0Fcj3FPqK8b3OVGfOqxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7332001423162723&output=html&h=280&slotname=4247864494&adk=1364232947&adf=1387179365&pi=t.ma~as.4247864494&w=705&fwrn=4&fwrnh=100&lmt=1649048765&rafmt=1&psa=0&format=705x280&url=http%3A%2F%2Fservice96.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649048765018&bpp=1&bdt=296&idt=375&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3436690887478&frm=20&pv=1&ga_vid=169376264.1649048765&ga_sid=1649048765&ga_hid=1419136236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=568&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200%2C31065972&oid=2&pvsid=3823942236187654&pem=152&tmod=525023949&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=LssPOf5OOi&p=http%3A//service96.ru&dtd=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 05:06:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 05:06:05 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7EC7 0
0 301ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UNrxEsz6RMEFmAKdg2ICAgAAADMwFS2Q-ie4ELx8SmI3rgQpLzCVA1PhhgAS&wp=Ykp8vQAG74YKmrDLAAM3NQ0TKA1VP3t1AXW_Eg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 234082
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5E7A 223 KB
55 KB 164ms
130ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ykp8vQAG74YKmrDLAAM3NQ0TKA1VP3t1AXW_Eg&u=%7ClX3TLZGXcsWVBzMyougozonyYI5fzSzI6lS8ao6NXtc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcjufa-rm1QUXI2NGVSi9d6ugHqtCoh_cAPvzVEamr7sa_DYlmRcmDck3XKsaTRxASMgygZ_75QkkakD4r3XIcnG72BUUcaF3tr-558mgTMLerUqFa0QBYRkrOVC7ABcrlEMkCSQBZR5CqsMB2onEZrU5gYJTyuQLxRAFooQ9rwYiBJJSmAx3rSGVUi1NMBSqY-r4BY4YLzUYI17vO-W5klMYPSj225AARbcO7TueX7MCngJsVRelLNTm9lv2ybOvtHvaofcxhE1Lk2OZdR86N8rul_YQy8T0wuvMkwN6zWKVs2CpJNJ4eUC1qahKmM4pKZsd-5SEjkmZI6xik3kuwfkerB_u0O0WF_mSCHDaWai2leyF_Oby5reNFbt__sYsk1iJvsfj9wA0HojL-YOoM4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuMn6vXxKYobfG8vh6gS17oyoB8me0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTczMzIwMDE0MjMxNjI3MjOgAdW20uoDyAEJqQLY4aKjCImyPqgDAaoEuwFP0Dt7atuLq3Nn4e3-kK_Ea7V5KjW4-QkBJR63kDPldkBtv-rSG1ITJmzpYR3VWeSATVK-MsXJDOiQXT99T7Au0zmxvVE1SgPfTkaCAIlWrY3ZhzJDcUKQa5KwOEJAdFMqikmxIsDUSwqaUZVAxgsDECodwstwlRk9kutflk1GGUBd-sGYM2I5qtPaOK4aAUi4NbDkngtLRyk1gTDvVodJH7zSYzwCZB5uThUXw42AE1CYk-CaA0ijQ29DgAaU2YjNm-S-lfABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0teVxbPJr_GZlihQdF0373JxVyJg%26client%3Dca-pub-7332001423162723%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c45d45838da920297de7c737b9f27a6bfd2a25b7fc325a59f71a58a2e024d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 05:06:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JY01ZlSooiPra2pr0BMhUDIj3_yAxpRIahmdXDTWAQe9oF5xwTZSi3Y2qruq3udXdRvSqx6xuxZLI0_OwhpDq7G_Y57XfttnSu5nQ2KznM6Hqdl1gma6eX0l44UIJrcSNqmj5FpLkSZyA0ew_P_Rn3l2OJojExbE9PjBaTwez16_hGSX87wVpKMTT5sotCn8vZUS__WurwGLVUL009iyPloCiRX4C4fieWVqtfVMF-aRjwOB-REB_9ur1feKlXWqSFU3zQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 114006491
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5E7A 2 KB
1 KB 56ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ykp8vQAG74YKmrDLAAM3NQ0TKA1VP3t1AXW_Eg&u=%7ClX3TLZGXcsWVBzMyougozonyYI5fzSzI6lS8ao6NXtc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcjufa-rm1QUXI2NGVSi9d6ugHqtCoh_cAPvzVEamr7sa_DYlmRcmDck3XKsaTRxASMgygZ_75QkkakD4r3XIcnG72BUUcaF3tr-558mgTMLerUqFa0QBYRkrOVC7ABcrlEMkCSQBZR5CqsMB2onEZrU5gYJTyuQLxRAFooQ9rwYiBJJSmAx3rSGVUi1NMBSqY-r4BY4YLzUYI17vO-W5klMYPSj225AARbcO7TueX7MCngJsVRelLNTm9lv2ybOvtHvaofcxhE1Lk2OZdR86N8rul_YQy8T0wuvMkwN6zWKVs2CpJNJ4eUC1qahKmM4pKZsd-5SEjkmZI6xik3kuwfkerB_u0O0WF_mSCHDaWai2leyF_Oby5reNFbt__sYsk1iJvsfj9wA0HojL-YOoM4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuMn6vXxKYobfG8vh6gS17oyoB8me0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTczMzIwMDE0MjMxNjI3MjOgAdW20uoDyAEJqQLY4aKjCImyPqgDAaoEuwFP0Dt7atuLq3Nn4e3-kK_Ea7V5KjW4-QkBJR63kDPldkBtv-rSG1ITJmzpYR3VWeSATVK-MsXJDOiQXT99T7Au0zmxvVE1SgPfTkaCAIlWrY3ZhzJDcUKQa5KwOEJAdFMqikmxIsDUSwqaUZVAxgsDECodwstwlRk9kutflk1GGUBd-sGYM2I5qtPaOK4aAUi4NbDkngtLRyk1gTDvVodJH7zSYzwCZB5uThUXw42AE1CYk-CaA0ijQ29DgAaU2YjNm-S-lfABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0teVxbPJr_GZlihQdF0373JxVyJg%26client%3Dca-pub-7332001423162723%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5E7A 2 KB
1 KB 58ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5E7A 308 B
636 B 51ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 5E7A 507 B
836 B 50ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 5E7A 43 B
348 B 396ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=4Vw-tVXTTd6DLqaonygvhYlShi5z-aaQo1-sgF7L6mZNw_cwbVgvzZHnyESnqiLWQge7whxf5842o3npiV-409_1UzJoMQIxUJgcTHtVF1TS2pytV-oV4xeHI5hSUuEzWc-epFSK_4YfzisgaNqzC0-uhjOxMxEA_cnE8UUbWwg0tz6Lz3B0batSU34n6GuoYzTu0BgvMl9VWfj3A_8DDssDt79KasQPYmwAmTolY1MBkNLfsTjbVeYkYBwAES8KAl92jiCB4JaPHZNktP99vDV562h21Bq5KCPYRB0MHkndAkoVE5GnDFW2uLNfC9Tl5a0DMIgLNtUWG6S5bDtXE7ZrC5SdMLsm-6jtjXOQ9MWjx9gc-m1ZB-NNRPP6wni35TiLem-TgwFN3dfR5J0dXBw1V_iJfo2SGLrD_T1Kexs-3VAtqei9adk55eoZdsbAjThowQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 05:06:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2618668
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7EC7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fce1e0b193d59fb548aa3a523e9d7ee589cf2b2b07d7ecaf6936e70c50796094

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5E7A 12 KB
6 KB 35ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 2 KB
3 KB 129ms
26ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=32517&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F32517%2F161005%2F3ff0bb1ca05c4f9cb0e79d86aa5244d3_logo.jpg&v=3&w=196&s=PgYUzNeIEy79JrJ-XOsuXyiy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29460800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2330
expires: Sat, 11 Mar 2023 04:39:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 14 KB
14 KB 129ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F23%2FRingella_9541733_286.jpg&v=3&w=800&s=DQAxeg6fbx-oOE3oJp2zZExm&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

93774f63f2a4f34b2fa4578530aee197c78df25e7bd8271a3cbb131a16defff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=890782
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14404
expires: Thu, 14 Apr 2022 12:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 17 KB
18 KB 158ms
55ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F53%2Fkoszulka-donna-laura.jpg&v=3&w=800&s=NeptNigN7Xe-K0_QRgku2YfN&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f71a64deefbf6445a0683b4f8506c00dc5f691c7c587479c13a572faff0b74f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=722521
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17728
expires: Tue, 12 Apr 2022 13:48:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 78 KB
79 KB 134ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F21%2FAnita_5544_388_FS.jpg&v=3&w=800&s=2meN1oUB3FraZrhps60EtbiI&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

46716acb194be08f7d6b3bd551758222f52b0bc4ba9003ded5bc697da1ebe298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1199959
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 80130
expires: Mon, 18 Apr 2022 02:25:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 11 KB
11 KB 154ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F22%2F20766scholler51701-550-pl-21461.jpg&v=3&w=800&s=54pFbtHt2iRzGdfWXIRr3LOd&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a609e5510931bc9f05486d9609ec4d591e0d80d9651b203b3af633a2d633a1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1204279
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10848
expires: Mon, 18 Apr 2022 03:37:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 25 KB
26 KB 143ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F53%2Ffigi-gorsenia-k665-paradise.jpg&v=3&w=800&s=cxL1tG2ysSmHCFiZsiWqVuAj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

66bacaf30b822db7a962312265ec5ed028a3cc51ce73ffc901d930b0afa256fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=268088
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 25986
expires: Thu, 07 Apr 2022 07:34:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 9 KB
9 KB 40ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F52%2Ffara_black2.jpg&v=3&w=800&s=jII9i9JznyOrpM7dy1tw7vYK&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0b46f49ff1d53c60b5cf363bfb5cb1cf18498bc5358ab5a0766e9f5a81f39cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=282833
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9310
expires: Thu, 07 Apr 2022 11:39:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 20 KB
20 KB 40ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F20%2F181450_szary.jpg&v=3&w=800&s=5yvX6v_eCI7ijOk0K74XHzOb&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e72ca876774d5df1a1e1cd876e33fbf6b029c418ee326f2c06990f2bd7ff68e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1204279
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 20658
expires: Mon, 18 Apr 2022 03:37:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 20 KB
20 KB 45ms
44ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fshelby_dusty_rose_p.jpg&v=3&w=800&s=CQqjG80QgiNZIyrNDB8o5ZvQ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f93636e52329dbffd17aec6d76072bccce8d64b43d67b9b41192a125621b9405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=807511
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 20192
expires: Wed, 13 Apr 2022 13:24:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 14 KB
14 KB 43ms
42ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fsharon_biaa.jpg&v=3&w=800&s=VsF3VLhROLiMp0wK1gDlVvSg&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6d0995c16a1c0451419b12f3141a07eb779ff5adffc44263912be5ec66943bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=436097
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14274
expires: Sat, 09 Apr 2022 06:14:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 13 KB
13 KB 47ms
46ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F54%2Fszlafrok-dorota-fr-254-ecru.jpg&v=3&w=800&s=xC3XJEOXnel0OeAwxp8j26Zh&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

38314a8de1dc22c24f9ed8ce80e8158949a29917ae167089456a9607085e4621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=290175
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13300
expires: Thu, 07 Apr 2022 13:42:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 17 KB
18 KB 45ms
44ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F53%2Fkoszulka-babell-nata-czarny.jpg&v=3&w=800&s=T1HLe_T1zXqTXYVQwjbKJZ2f&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c57ea72cb1061787485b34d00e66dabeeeea46482d73b12def4d248686bd3912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=652578
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17718
expires: Mon, 11 Apr 2022 18:22:24 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5E7A 0
128 B 121ms
14ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JY01ZlSooiPra2pr0BMhUDIj3_yAxpRIahmdXDTWAQe9oF5xwTZSi3Y2qruq3udXdRvSqx6xuxZLI0_OwhpDq7G_Y57XfttnSu5nQ2KznM6Hqdl1gma6eX0l44UIJrcSNqmj5FpLkSZyA0ew_P_Rn3l2OJojExbE9PjBaTwez16_hGSX87wVpKMTT5sotCn8vZUS__WurwGLVUL009iyPloCiRX4C4fieWVqtfVMF-aRjwOB-REB_9ur1feKlXWqSFU3zQ&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Apr 2022 05:06:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5E7A 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5E7A 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:06:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 130ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b081bacec22fa3b2b575b890649847131fd533d8d103ca29cf76735d177c9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10638
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 132ms
66ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 05:06:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D8A 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 45591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 16:26:15 GMT
expires: Mon, 03 Apr 2023 16:26:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3A71 783 B
1 KB 188ms
65ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec84d5518ade6bdd8ce045af9e37ffc55dadfa3514cd8d56776a7ad14d010e19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zzxQ8KUerFGVLwla2hfshg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zzxQ8KUerFGVLwla2hfshg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 05:06:06 GMT
expires: Mon, 04 Apr 2022 05:06:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D8A 35 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8D8A 0
9 B 55ms
54ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RxQOUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3A71 0
0 110ms
110ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=3823942236187654&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EC7 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNUq-7i4ECrMvSL0jh7tMTDxvUTobLO1obM2EOfFJAZRSpvOcVihtoz7BtoArbpzQhUG2omcCD-YBXfiGmY1Ruhw&sig=Cg0ArKJSzEEe7OKJV1ZJEAE&id=lidar2&mcvt=1000&p=0,0,280,705&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1364232947&rs=2&la=0&cr=0&vs=4&r=v&rst=1649048765399&rpt=632&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 05:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5E7A 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Apr 2022 05:06:06 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
93ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=3823942236187654&bg=!EBOlE1fNAAZku-1yRLs7ACkAdvg8Wg1FgAM-2xXidek5Z__3s98D2e3FR8H1Vu1knGrS5x_fmeDCeQIAAABJUgAAAAJoAQcKAGbw1Jc4g4p_SnQGDLIwRWe343YSbd0NHV2c6qCVNW0TB1TYfU_1D3Aw3R_Sp1uIOmEjXKyjkOLZXWcHtEBK-eyveUYpj3OYHEQNokkzGuTkOTof50dJqbvc1C4lp5OIyHTQsZpSEviZAsloR8cDnip1wDG2seCBLQmxq37KA_CtPsyqszIp5CaLem2VJQWiBD70yv-SnzyDoppayveE68u4_m2nkGzblj7VYBJUOaea_I12cKZC5KrKBQ2fQ6yQx7xvf-EkvpP4PwYUE0zt8oySU94ctmN9o7tYHMNA3zEEbtCpFrcLEgQwZJ_p8lPEopdt3tjqrBYSWO9y48ZICwOpKerebo2de3YDXVB0e0ocJK15W9d4LUVfc2Anq9Ujusvaa0m1JVXkD4o579xR2dFckzJaLvD4jGqVPZsG2cuv8u_tpiXx82tB75muCpwZCnP9Ac1bFT6xa7RS-cEJzgfYPbWAk5Q6WLwWrppbTAd1HA7EXdj_KGgYkulaqzGigD2O11ErgVH8GgU_dewP1CrcM5CsmhduPbEJwOnG2aTP3x4Fit5tDGWx12MPiaxYRxRmZlT7tyyyboyiYgAN0M5HTq3d9PEQihekiE7nMSRNzpUyz2tzMp4iZqosk5l9dc7b8B_gaqY-89mgsZly-MRVlqfKdjCSyvEvUgCIEAjKYJXyc59EZNBfr-rukOFs6ivnoYJAxHGqwrxXKdaCRakw3K4PxbFa2iXS-nDyNRhZpLIchE2cHRZzSlXCSJXxuHdXOuqQcmWnZftYhv7xytHDV8X7SDesS3Phw2Xk5CB1sHNzp0bcezwZtr9s3x645agX5dFrx3QN_D1MzTpg_DJgmbOh7oINZeKBRlNg95rIFxSUxcdt-BBdMu56f7iuJzCGWO4YQ4Q5o0k14OK-h693BYe0-HSP3AgMsrkjdv5Gp_cGqqKev6sFbO6ea-cdRA2-dmLuV16XGGCN_j9FdxmmgA0UfR9adG7ydgNdgiE99KujfSVqh8GcNIHxmUjhwigKYR-ySrKfbFmFvjTzS9WK8YgbsVjuZpEaPYPnZCSBnhm0EoMi_Hq5w39RXmcsobEaWA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://service96.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 05:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5E7A 14 KB
14 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

93774f63f2a4f34b2fa4578530aee197c78df25e7bd8271a3cbb131a16defff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 05:06:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=890778
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14404
expires: Thu, 14 Apr 2022 12:32:28 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service96.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: qus0iq2eb512ge1ju935l8qup4
.service96.ru/	1970-01-20 10:49:44	Name: _ym_uid Value: 1649048765338852354
.service96.ru/	1970-01-20 10:49:44	Name: _ym_d Value: 1649048765
.mc.yandex.com/	1970-01-20 02:04:09	Name: sync_cookie_csrf Value: 4288699645fake
.service96.ru/	1970-01-20 02:05:20	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 02:04:09	Name: sync_cookie_csrf Value: 1953438969fake
.yandex.com/	1970-01-20 10:49:44	Name: yandexuid Value: 7617068071649048765
.yandex.com/	1970-01-20 10:49:44	Name: yuidss Value: 7617068071649048765
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1140394451649048765
.yandex.com/	1970-01-23 17:40:08	Name: i Value: hINS/9L3sRmhyvFQEhpc+2XeHfjfhZSK9B/rCrqZtlscV8rx5Tg4WyPDyWUeJAC28+vm5S+MVYoWdRuH3uDI0NU0+JY=
.yandex.com/	1970-01-20 10:49:44	Name: ymex Value: 1680584765.yrts.1649048765#1680584765.yrtsi.1649048765
.service96.ru/	1970-01-20 11:25:44	Name: __gads Value: ID=28be14f1ed4bcdac-22cab4f46ccd00e4:T=1649048765:RT=1649048765:S=ALNI_MbIboMfagi_h7djXFjgsvS__tME3g
.doubleclick.net/	1970-01-20 11:25:44	Name: IDE Value: AHWqTUl83LF8xNjPj-n0Z99WAZpRaiIysaYG88C0rk2at0ztXj-mehpVy39rTtefbas

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9598.yqKhGFAaO475eEPboC0JfKt-Url3aF5KBIji9dkczv0RsU2jipOP0o3I2GAskL4T2eb3DVnmCpC0eyEYIaEbWA%2C%2C.cPDpliCqlnb12s0sumVLRM_TFEU%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
service96.ru
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.service96.ru
142.250.185.194
178.250.0.139
178.250.0.160
178.250.0.162
185.41.160.219
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a02:6b8::1:119
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b00ea42ccc76b7236fe2e0fe17f4b858d998a8c60315f65b04b5f8a367eec66
0b46f49ff1d53c60b5cf363bfb5cb1cf18498bc5358ab5a0766e9f5a81f39cbe
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
163cad37100deab1fe7c837816abda573edf0a1362c83b51d7e02437de7716e0
194fd8ffa7ad36fe2ef78ec1ed84b31dcbccdae7e475f5c49f6fd6b26590b10a
1b081bacec22fa3b2b575b890649847131fd533d8d103ca29cf76735d177c9eb
2b4925fdd46a1f64dd4fd132df492eb66baafce87b3c3ef580193e716e5a61ec
2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5
38314a8de1dc22c24f9ed8ce80e8158949a29917ae167089456a9607085e4621
46716acb194be08f7d6b3bd551758222f52b0bc4ba9003ded5bc697da1ebe298
493e0f2cf234207a2109c97a22328107c3770c4137f4f6f5f2068c1193c733be
4c34beebfa06582d12b3fd592c4fd15ad2b79644cb3704a2da26f475e66e96d3
4dca09c308dd5c3be9b40580dac997575ab7e27480c9dc0045faa07d49f2db19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ff3e4c6563214afa89cc08e3f8b83a63e5a16f63539e225ba77514deedd25f
538436037efb1e9e46a1246e076795b46b763ab41b20d71f92761702536b638c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66bacaf30b822db7a962312265ec5ed028a3cc51ce73ffc901d930b0afa256fe
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6c342c29010384bff8f2b24cd5ebfea0401b2e052513a717ce43506ee5f6de0e
6c45d45838da920297de7c737b9f27a6bfd2a25b7fc325a59f71a58a2e024d5a
6d0995c16a1c0451419b12f3141a07eb779ff5adffc44263912be5ec66943bf8
71170ca0d52948778312522f272d9a3e7f1bb0ac02e52da56ef29dead74db119
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
871f32637f50c01b7b0a3119cc5a3fa6b72e2e069ea3272fedcc672e5600b996
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
93774f63f2a4f34b2fa4578530aee197c78df25e7bd8271a3cbb131a16defff3
97d3bac1cae0aca29ae58aee1417c1b5d77a5dee00502ebc5b4c9273efea5ada
9f8d80428bb72c87624ac4dbecbc18b84690b65cf9b35f25599bb77ca58f4955
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a609e5510931bc9f05486d9609ec4d591e0d80d9651b203b3af633a2d633a1c0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b4a30f0c3d2793dfd3db9f51e71079e551d291822f5897525efb7a96663434f5
c57ea72cb1061787485b34d00e66dabeeeea46482d73b12def4d248686bd3912
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72ca876774d5df1a1e1cd876e33fbf6b029c418ee326f2c06990f2bd7ff68e8
ea29e5b96406b9dac427a26d82fea01ff79915baefa2d5635c15aa3ece6de99d
ec84d5518ade6bdd8ce045af9e37ffc55dadfa3514cd8d56776a7ad14d010e19
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
eeeaf57a09aff5c28c5b3620365c0cfa44c14640b545bfeebf409f6c7713d731
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f71a64deefbf6445a0683b4f8506c00dc5f691c7c587479c13a572faff0b74f4
f93636e52329dbffd17aec6d76072bccce8d64b43d67b9b41192a125621b9405
fce1e0b193d59fb548aa3a523e9d7ee589cf2b2b07d7ecaf6936e70c50796094

service96.ru Open in urlscan Pro 185.41.160.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

77 %HTTPS

67 %IPv6

11 Domains

18 Subdomains

16 IPs

4 Countries

865 kBTransfer

1589 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

service96.ru Open in urlscan Pro
185.41.160.219 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

77 %
HTTPS

67 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

865 kB
Transfer

1589 kB
Size

13
Cookies

61 HTTP transactions
1 data transactions