www.germany.ru Open in urlscan Pro
138.201.192.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Submission: On May 21 via api (May 21st 2022, 5:43:53 pm UTC) from BE — Scanned from DE

Summary HTTP 195 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 22 domains to perform 195 HTTP transactions. The main IP is 138.201.192.69, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.germany.ru.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.

This is the only time www.germany.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	138.201.192.69 138.201.192.69	24940 (HETZNER-AS) (HETZNER-AS)
4	188.40.142.195 188.40.142.195	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:2200:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	99.83.169.100 99.83.169.100	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
12	18.157.192.56 18.157.192.56	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:b600:1f:a1b:34c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4016:80a::2003	15169 (GOOGLE) (GOOGLE)
1 1	62.209.227.211 62.209.227.211	13036 (TMOBILE-) (TMOBILE-)
16	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:206... 2600:9000:206f:f200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
14	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	3.124.13.195 3.124.13.195	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:1e00:8:5c85:cdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
195	30

30 138.201.192.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: pxc.germany.ru

www.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
katalogui.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.40.142.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: pxb.germany.ru

ttn.germany.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:2200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.83.169.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.157.192.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b600:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

nugmw.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4016:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Kostany, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:f200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.13.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-13-195.eu-central-1.compute.amazonaws.com

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking-a.dsp.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:1e00:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	1 MB
34	germany.ru www.germany.ru tt.germany.ru ttn.germany.ru h.germany.ru katalogui.germany.ru	409 KB
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	65 KB
19	adscale.de js.adscale.de — Cisco Umbrella Rank: 7301 gaa.adscale.de — Cisco Umbrella Rank: 172297 ih.adscale.de — Cisco Umbrella Rank: 5643	26 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	3 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	26 KB
7	criteo.com 1 redirects rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672 dis.criteo.com — Cisco Umbrella Rank: 725	99 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 7678 www.google.de — Cisco Umbrella Rank: 5483	2 KB
5	gstatic.com fonts.gstatic.com	190 KB
4	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	803 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	m6r.eu 2 redirects tracking.m6r.eu — Cisco Umbrella Rank: 13455 tracking-a.dsp.m6r.eu — Cisco Umbrella Rank: 867287	1 KB
2	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3865	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	1 KB
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1323	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	84 KB
2	userreport.com nugmw.userreport.com — Cisco Umbrella Rank: 55981 sak.userreport.com — Cisco Umbrella Rank: 23637	31 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	96 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 18966	352 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
195	22

	Domain	Requested by
40	pagead2.googlesyndication.com	www.germany.ru pagead2.googlesyndication.com js.adscale.de tpc.googlesyndication.com www.googletagservices.com
22	tt.germany.ru	www.germany.ru
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.germany.ru
14	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
12	ih.adscale.de	js.adscale.de www.germany.ru ih.adscale.de
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.google.com	www.germany.ru tpc.googlesyndication.com googleads.g.doubleclick.net
6	h.germany.ru	www.germany.ru h.germany.ru
5	fonts.gstatic.com	fonts.googleapis.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	partner.googleadservices.com	pagead2.googlesyndication.com
4	gaa.adscale.de	js.adscale.de
4	www.google-analytics.com	www.germany.ru www.googletagmanager.com www.google-analytics.com
4	ttn.germany.ru	www.germany.ru
3	js.adscale.de	www.germany.ru js.adscale.de ih.adscale.de
2	track.adform.net	2 redirects
2	sync.mathtag.com	2 redirects
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	ssum.casalemedia.com	2 redirects
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	code.jquery.com	www.germany.ru
1	sak.userreport.com	nugmw.userreport.com
1	tracking-a.dsp.m6r.eu	1 redirects
1	tracking.m6r.eu	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	dis.criteo.com	1 redirects
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	bbnaut.ibillboard.com	1 redirects
1	www.google.de	www.germany.ru
1	nugmw.userreport.com	js.adscale.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	katalogui.germany.ru	www.germany.ru
1	www.googletagmanager.com	www.germany.ru
1	fonts.googleapis.com	www.germany.ru
1	www.germany.ru
195	41

This site contains links to these domains. Also see Links.

Domain
help.germany.ru
events.germany.ru
love.germany.ru
foto.germany.ru
foren.germany.ru
groups.germany.ru
chat.germany.ru
katalog.germany.ru
annonce.germany.ru

Subject Issuer	Validity	Valid
*.germany.ru R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.userreport.com Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Frame ID: EB69A8B4595A7014FB53EFFB54DB7487
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: B353E68D6D81F610A1C6E292C78AB12F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 3BD1AFB1CC5B02A8C9B8BB728F7539BF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 13614C3E07A5CF22E5DF50DCF8EB33B5
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: E6D62F1FB87C02F5A4269EEB283255CD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4EA8B6AB52D58001C9550BDF9EF2CC56
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=3025194257&lmt=1653155028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028159&bpp=2&bdt=437&idt=105&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6074221592809&frm=20&pv=2&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=38198425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067417%2C31064018%2C31067525&oid=2&pvsid=2427230675030458&pem=225&tmod=1356469770&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122
Frame ID: 80706ED8FFC177C4CE1B9E665B3CD397
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: 1AE975C2DC0455A3CE87B29AF749E555
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755398&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028340&bpp=3&bdt=119&idt=150&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=1360663336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=731&biw=1600&bih=1200&isw=970&ish=0&ifk=1118313999&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763951&oid=2&pvsid=204603319168219&pem=225&tmod=1598844984&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.3h732g7m5a5r&fsb=1&dtd=160
Frame ID: 527AA80E5428B836406106CAB4FA535C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755401&pi=t.ma~as.2458072068&w=728&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028413&bpp=3&bdt=183&idt=109&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1348017606&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531556%2C31067698%2C31067525&oid=2&pvsid=214284471957362&pem=225&tmod=1541592303&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.wn9yhbudm2uo&fsb=1&dtd=124
Frame ID: 7CA6BAEF20384E5BEFFA0DCD6E1555A5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=2373185779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028429&bpp=3&bdt=220&idt=123&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&nras=1&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1490647274&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720&oid=2&pvsid=907818329171025&pem=225&tmod=891929304&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.fhshwkacydza&fsb=1&dtd=139
Frame ID: 96115EF34C6CB9BDDC170AB304025A59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=100&slotname=8174686189&adk=3660800153&adf=3279755399&pi=t.ma~as.8174686189&w=480&fwrn=3&psa=0&format=480x100&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028432&bpp=1&bdt=223&idt=152&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&prev_fmts=0x0&nras=1&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1490647274&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720&oid=2&pvsid=907818329171025&pem=225&tmod=891929304&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.i2le6jhd5yun&fsb=1&dtd=157
Frame ID: 230CD410B15F5CE8BF056423373064C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D15CF059DB22741EF4B5B00A6AFF506
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BDC7ECCC02F3729DA5F6B3A696ECFBD1
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAImA8KcaoyAAE0dzXEtY2e7GgrNJ1Eew&u=%7CjM5V6pjyCU%2Fqw82AGEgAHoweHPywuChIqT9FoJXcvHQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62Uq0SId7qsK-cxqNcffHGttzpq0iVZ8t7yzmIDNwu_FBXOsUFAtRqkLvHfacxShd_YtNVgdPlGp3Ua3rVzC9OMJC6oIQ8rOuRSAEE4oObcwwuCzePjXk9ErD5Rqk8Lamxz4Dz35QLdELUnNUNjPgB-OYpG3ubnnt5QX4RGMrmD9-f2AXiaONeTA4hltSnaSGy6DHW8RZruWiN2GJgcTqrETZ524mQNxLMkibHPxcbdss3GpSiP2fiE7ufVB4mgtTbm0CLwIzOZ8ejPBQwG1oO8oco-Y4_eCZWPFbN8FqTU5Mx6hrzij835MPo2D1OneNhpf1pLhvRjNQVup-l8QTP2fEq0rRtAq2AR3a-R9KzYPJ4u4AgMLAnKZDokKqrzZGtKO1RABcUK92cBMwewOKi8UgAWBCKG4xQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIWlJ1SSJYo-wIrLUxgP36ITIAcme0rFc9dqW93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NKAB1bbS6gPIAQmpAoC9yAzHuLE-qAMBqgToAU_Q-n5w2Z4HYx-SdSg3aXvqg45ONNRVA0wD2SBOjXPn1yJl4rv8RlLIaXDsn5NEeP2j1rG79M7umZe1wDIE1X5RqTsmCcm0VTM4FCyLdAODDsSLL0i1SJH5cVlkP_E4I38b_hMG-ho456IZ0ppWVOlyT2J49UaMOER2xnjerrJQM_b-OxamOYIK-b-gNpCQ9d4dKL8L57Fi1Ud_pm0suegQqO2HCemdCrXVoyZR4gqXJS_XJ4RMgKh32kLAVBcBBFb0yNCEStSwTBJ_jpbgflSESL_UeP9-ILM76sDsVidZnWLyp01Jz8KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0f2-HyC35dCXf7XxQteGvWXXqEOg%26client%3Dca-pub-2481787217439354%26adurl%3D
Frame ID: 8D4B2D665A378B22DFB2B15445461C36
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7186C33795B171E76DC130179B575CC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E7EFED0960481A1D30EFF65CC47B294
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E2D9FFB7CDCA0ED6545E34A10B9913E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F697F39B3DE99AFE862D3AAFC6B4B1A4
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAJMTUIFWqaAAM1l3LUesW2tZHXFJQuqw&u=%7CjM5V6pjyCU%2BI3mTCn9LFXSlvjwFUq1n%2BegZ%2BsBDn1n8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_ZEQiHZh9zpwT1NOTvSdVjwcBd3NMPvH-YulvP3IANMwT0KZV02e23JiHaZVhN0OGCo0YEHWpPX5QKBy78QafL2AxBpq2VFnj2axBf2zIxrenvImmva549bmoFsSJeZvjBPMoFS5gvFgzPcVcApopeQJWSJGWySI8E_5FKek450hCWCgFoWWmaJOTV9LQEhbakxdRy3p5J4r77k0zRvdmGRwUmfFiD4bLq8yRO33Md3YWJnjElllLouyyFu2pIm5aw5EOeAwKMHxUy7SaP5UIZZ-j7EI-csIs75_Jn_ZYAqLjgyBV8mrAeyL8brGjt7h-1bo8tC7ivg8oLDLxwIWP8K-6fMo7zpYnySxahg3lk3NlXoHrK5bCxjO0Ro3w9FJ4JdgnzHIpOSgwzngFqRkLLpaO5pQtZMG8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXfD-1SSJYrXiJJrV1fAPl-uMiAjJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTI0ODE3ODcyMTc0MzkzNTSgAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoE5gFP0GfbGDYYRLAw6HgajT8Lky58u1iylCBKByRTq5o-pP-U4_aYPqD5TOcqSUTSPEh7dznICThqFMtaDZjzAw6w2sOs3Ea2-8Su94-cbC4WiLd8fQVwkgqZKDuvkdSgEOiVOVZ6zr_89VyuB9arqfbkb9rZjLdZ6dbVUHfX8iHo5jYv_rro0gx4PygY3igFogsuuTUijXljlAX04VJdgQ_zesr4g8VDtInzoMo-jU5rDgRopF7n3xEGfQ893mMCada8BH7GjhVLG6E9Pn5T7uD8CZTfR8zx0b9nSzBL5XmHVS8n16h9LIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0CEYAAznhAowWjwOiAU6JnWdxRPQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Frame ID: A88A6951293512E5216DB6564E1EFF7F
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E0A64759861380493233903AAB1729F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BF0A1BF77E3C674D84E279DF696124E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Germany.ru

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

195
Requests

96 %
HTTPS

58 %
IPv6

22
Domains

41
Subdomains

30
IPs

10
Countries

2168 kB
Transfer

5524 kB
Size

27
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://help.germany.ru/index.php?action=artikel&cat=5&id=160&artlang=ru
Title: Mehr Informationen

Search URL Search Domain Scan URL

URL: https://events.germany.ru/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://love.germany.ru/
Title: Знакомства

Search URL Search Domain Scan URL

URL: https://foto.germany.ru/
Title: Фото

Search URL Search Domain Scan URL

URL: https://foren.germany.ru/
Title: Форумы

Search URL Search Domain Scan URL

URL: https://groups.germany.ru/
Title: Группы

Search URL Search Domain Scan URL

URL: https://chat.germany.ru/
Title: Чат

Search URL Search Domain Scan URL

URL: https://katalog.germany.ru/
Title: Фирмы и услуги

Search URL Search Domain Scan URL

URL: https://annonce.germany.ru/
Title: Объявления NEW

Search URL Search Domain Scan URL

URL: https://katalog.germany.ru/cgi-bin/discount/add.cgi
Title: Реклама

Search URL Search Domain Scan URL

URL: https://katalog.germany.ru/2776?from=banner240x240

Search URL Search Domain Scan URL

URL: https://help.germany.ru/
Title: Помощь

Search URL Search Domain Scan URL

URL: https://help.germany.ru/index.php?action=artikel&cat=5&id=160&artlang=ru&lang=russian
Title: Datenschutz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://bbnaut.ibillboard.com/match/AdScale?partneruid=7a314eb3402f47db81f98065b9a8c892&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=101&tpuid=BBID-01-03278690296747642-16608600

Request Chain 116

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=17f9dfda81ae2ce9dbcbda3494bf94e97147321a4af63b21a165b9430cb7544a&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg&s=183592&tpid=63&uid=17f9dfda81ae2ce9dbcbda3494bf94e97147321a4af63b21a165b9430cb7544a&C=1 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Yokk1cDNBA2cLXtPUnpnbgAA%261164

Request Chain 148

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=710329e145e919c1f1b3756c8110652f80552496bc37999cc06de829f63638f6&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=97106289-24d6-4000-b714-8ba074a7ff62

Request Chain 175

https://track.adform.net/serving/cookie/match/?party=9&uid=969536d8d7a2828e9bcf621ba48cccb216b023acc57ba5ce2fa464f7872f7373&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=969536d8d7a2828e9bcf621ba48cccb216b023acc57ba5ce2fa464f7872f7373&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=42&tpuid=3429764444055319894

Request Chain 179

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=2c595b2d55fce3e71158cb7726dac6d3e7abc3bd3caf3c63a33737b32d1a3ba9&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=bb1d5463-42b7-4355-a740-ca2c645c1850

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=640b49dd56f3eed41649c420e9a17e77e0dc334216616fe4c2903e061a3d2a07&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=97106289-24d6-4000-b714-8ba074a7ff62

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&tpuid=CAESEA_LCRd-g10kiRuzPIi1mS8&google_cver=1

Request Chain 186

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=262b7580ebf1daa0bcc7e5cb4b79cdb37832dfcf3f030826829eff8575303228&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fjs HTTP 302
https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=262b7580ebf1daa0bcc7e5cb4b79cdb37832dfcf3f030826829eff8575303228&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fjs&checkcookies=true HTTP 302
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/js?tpid=48&tpuid=eb3df0903b04b508907c1c07a1c30f93

195 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login_form.cgi Show response
www.germany.ru/cgi-bin/portal/ 16 KB
5 KB 242ms
165ms Document
text/html 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 8d1381b4d04e5bfcbd3eddb73fa50a02e3e881618345624d5c4d44a2c7309f6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 21 May 2022 17:43:48 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK germany_ru_common.css
tt.germany.ru/css/ 7 KB
3 KB 102ms
26ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/germany_ru_common.css
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7fd4b9696a19d1e8b521192f799bd2885a6943977005afd74d839503e1dcda6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK germany_ru_skin_mini.css
tt.germany.ru/css/ 12 KB
3 KB 104ms
28ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/germany_ru_skin_mini.css
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 9f3852b186cca1eb720e5988afd6173c8cc7025846381f7b723f84cb8dfefb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK basic.css
ttn.germany.ru/css/ 159 KB
47 KB 127ms
29ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/basic.css
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: e863b80083f3553afa2fe3cf46fd966d881365056e43908cbb42613ac91906b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2019 19:13:23 GMT
Server: nginx/1.7.10
ETag: W/"5caceed3-27ad5"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK mini.css
ttn.germany.ru/css/ 14 KB
6 KB 129ms
30ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/mini.css
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: 7b1747bec52ea01f3de75a9201120dafe45b6a72734a87624cd5d5107afd2c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2016 14:20:19 GMT
Server: nginx/1.7.10
ETag: W/"5714ed23-3679"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK germany_ru_common.css
ttn.germany.ru/css/ 165 KB
53 KB 130ms
30ms Stylesheet
text/css 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/css/germany_ru_common.css?2
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: 3676c7e1de77b00773b81fa4ccf5bb1ddbc32f0c80e91303d7973dc7ac77321e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2019 17:42:14 GMT
Server: nginx/1.7.10
ETag: W/"5d35f576-2959b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK interactivetable.js Show response
tt.germany.ru/js/ 677 B
592 B 28ms
28ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/js/interactivetable.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 53168bac7c57cb3c8a748a4a9473c29799bd27c8ca0287b40dff75e01905f798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2007 12:00:03 GMT
Server: nginx/1.18.0
ETag: W/"462f42c3-2a5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 89ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:48 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1653155028.dop242.fr8.t,1653155028.cds278.fr8.hn,1653155028.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ 235 KB
63 KB 110ms
48ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:48 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3ab2b"
vary: Accept-Encoding
x-hw: 1653155028.dop242.fr8.t,1653155028.cds278.fr8.hn,1653155028.cds159.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64296

GET
H/1.1 200
OK b.js Show response
h.germany.ru/abogat/r/ 0
319 B 98ms
27ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/b.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Tue, 27 Dec 2016 13:58:35 GMT
Server: nginx/1.18.0
ETag: "5862738b-0"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 83ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b658c2d79d7059538f2b2a216d334ecc6b0e062516c704817074db10a3f0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 17:30:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 17:43:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 17:43:48 GMT

GET
H/1.1 200
OK jquery.cookieBar.min.css
tt.germany.ru/css/ 3 KB
1 KB 103ms
27ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/css/jquery.cookieBar.min.css
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: cd3604873a59f3aa2958cc0547094e0b283d7f267a4594e704aaac6872c03e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK jquery.cookieBarG.min.js Show response
tt.germany.ru/js/ 5 KB
3 KB 104ms
28ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.germany.ru/js/jquery.cookieBarG.min.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7e5be3da581cb25ab7e553a7fc547508bd79de95435107484f24a8e9049d6c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Apr 2019 17:20:14 GMT
Server: nginx/1.18.0
ETag: W/"5cab82ce-14e1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 89ms
33ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bef9eeeef1f212636bbc9e61613f6de8d1ae1226873f2166fba33fbf27b98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70225
x-xss-protection: 0
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 108ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ead500f0db56cc5a405166cebf63b855c8b4af6fdeb401f27cd669e08e22fcb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56464
x-xss-protection: 0
server: cafe
etag: 10834146524691041392
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 getads.js Show response
js.adscale.de/ 25 KB
9 KB 86ms
22ms Script
application/javascript 2600:9000:206f:2200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1f53c1526b0c1a40515d13589438d653e65bc5c0ac76962a779b374637e3468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: tjGu30Fal473h3TijNr7iMAIP6KXS56W
content-encoding: gzip
last-modified: Fri, 20 May 2022 06:59:32 GMT
server: AmazonS3
age: 4943
etag: W/"573b2fa650fa4d1d5cac4579388412f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Sat, 21 May 2022 16:21:26 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -LQWDMDna43kg4mq1YV7OH-Kw-nl8yvMptm31uUxQKDhNauoCcYNSA==

GET
H/1.1 200
OK x-track.cgi
h.germany.ru/cgi-bin/ 43 B
500 B 87ms
29ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.germany.ru/cgi-bin/x-track.cgi?mLbBHXsTdQUj7D446863
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK 2776.gif
katalogui.germany.ru/discount/pictures/extra200/ 122 KB
122 KB 99ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://katalogui.germany.ru/discount/pictures/extra200/2776.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 42214d63c876bc657e5242489b66db912451a7f9cec29f6131b332911ead2b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Fri, 10 Aug 2018 12:41:35 GMT
Server: nginx/1.18.0
ETag: "5b6d87ff-1e6b4"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124596
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_mini.gif
tt.germany.ru/images/ 108 B
440 B 29ms
27ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_mini.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 3ea71896c74dc9df5844e6eafc42d49534c6e0e05ac3d35a1a105613a8b09324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Thu, 31 Mar 2005 15:30:16 GMT
Server: nginx/1.18.0
ETag: "424c1788-6c"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_sunny.gif
tt.germany.ru/images/ 162 B
494 B 30ms
27ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_sunny.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: ea6df1376bc8f578fac029fc5b4a5606d64e45150165e4026087df1afd29eeb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Sun, 01 May 2005 06:02:21 GMT
Server: nginx/1.18.0
ETag: "427470ed-a2"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 162
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_yellow.gif
tt.germany.ru/images/ 87 B
418 B 30ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_yellow.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 18d16743f29e1d988af192e45168077fa66d1c6bd25614ffc69b52fac81ea9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Tue, 29 Mar 2005 11:59:40 GMT
Server: nginx/1.18.0
ETag: "4249432c-57"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_blue.gif
tt.germany.ru/images/ 87 B
418 B 28ms
26ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_blue.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 702ee4eac991f18ce23e0784a03fa1663abf0f17ae76e83ddb049851c58173ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Tue, 29 Mar 2005 11:59:37 GMT
Server: nginx/1.18.0
ETag: "42494329-57"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_mini_on.gif
tt.germany.ru/images/ 120 B
452 B 55ms
26ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_mini_on.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 4530759d970509ac35adaf25a108d10293ffc00185266279d499278b0744c77a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Thu, 31 Mar 2005 15:29:04 GMT
Server: nginx/1.18.0
ETag: "424c1740-78"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_matrix.gif
tt.germany.ru/images/ 248 B
580 B 30ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_matrix.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 19b6345ef6f44bf3aab769ac231d4097e169bc3383c98e9e38e32816f2185f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Wed, 30 Mar 2005 15:04:36 GMT
Server: nginx/1.18.0
ETag: "424ac004-f8"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_camomile.gif
tt.germany.ru/images/ 571 B
904 B 30ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_camomile.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: d621b11566f77cc82fdb433e6042b35e0b401edad822755f6c3085d4534b8a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Thu, 31 Mar 2005 15:29:04 GMT
Server: nginx/1.18.0
ETag: "424c1740-23b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 571
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_nostalgie.gif
tt.germany.ru/images/ 113 B
445 B 28ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_nostalgie.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 72eb25e65a6cf11914e57ac9c72a128f144c193f2c21f75198e896e26a99c4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:48 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:30 GMT
Server: nginx/1.18.0
ETag: "426c58da-71"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113
Expires: Mon, 20 Jun 2022 17:43:48 GMT

GET
H/1.1 200
OK skinswitch_sea.gif
tt.germany.ru/images/ 367 B
700 B 52ms
26ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_sea.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 132ae0a59d120b8eecc5def619efcdeb715fc5b003c927aaf37bddcccff96cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:29 GMT
Server: nginx/1.18.0
ETag: "426c58d9-16f"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 367
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_lilac.gif
tt.germany.ru/images/ 130 B
462 B 54ms
27ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_lilac.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 966adf353f5e4d8bc10f941bbb2e7daaf891dec113ba491dc5d435a20d2823fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Sun, 01 May 2005 06:02:22 GMT
Server: nginx/1.18.0
ETag: "427470ee-82"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_pen.gif
tt.germany.ru/images/ 107 B
439 B 32ms
27ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_pen.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 2dd9e534b405733ef3eaef91bf0d4700c507b5a1dc694dad61f3d8f27ec44b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:56 GMT
Server: nginx/1.18.0
ETag: "42cd1aa4-6b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_khaki.gif
tt.germany.ru/images/ 570 B
903 B 28ms
27ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_khaki.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: e08ecb85f947fd5f442332879a817ba5a3a645bee8ea7a3f39212348e50d97e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:53 GMT
Server: nginx/1.18.0
ETag: "42cd1aa1-23a"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_night.gif
tt.germany.ru/images/ 562 B
895 B 29ms
28ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_night.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: df0afbcac71eda0e189a2b70c5241beae9d0e990074727542cb05a93650fb6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Thu, 07 Jul 2005 12:05:46 GMT
Server: nginx/1.18.0
ETag: "42cd1a9a-232"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_tiger.gif
tt.germany.ru/images/ 250 B
582 B 47ms
26ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_tiger.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 7623e3dabbcb4918185bdefe006d9ff2266b24d2bb244d97522df6d806f2832e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Sat, 09 Jul 2005 12:09:32 GMT
Server: nginx/1.18.0
ETag: "42cfbe7c-fa"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 250
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_winter.gif
tt.germany.ru/images/ 240 B
572 B 27ms
26ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_winter.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 280f628fd9d0a6f780202257be7609d26865d9d61e9b9780be63169f2ebe1525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Sun, 11 Dec 2005 04:29:33 GMT
Server: nginx/1.18.0
ETag: "439bab2d-f0"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK skinswitch_xmas.gif
tt.germany.ru/images/ 260 B
593 B 29ms
29ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/skinswitch_xmas.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: a377d904d0302671c6f45af9c57876759f5aa839266aee95515a3b1ceb17ee5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Sun, 11 Dec 2005 04:29:35 GMT
Server: nginx/1.18.0
ETag: "439bab2f-104"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK 1.gif
tt.germany.ru/images/ 43 B
374 B 30ms
29ms Image
image/gif 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.germany.ru/images/1.gif
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Last-Modified: Mon, 25 Apr 2005 02:41:33 GMT
Server: nginx/1.18.0
ETag: "426c58dd-2b"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK g2.min.js Show response
ttn.germany.ru/assets/ 134 KB
47 KB 30ms
29ms Script
application/javascript 188.40.142.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttn.germany.ru/assets/g2.min.js?4
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.142.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxb.germany.ru
Software: nginx/1.7.10 /
Resource Hash: d9b8557c16ce78263c0cf25baef1e2e59956692bb26b55a0f1bcb7504ef8066a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 16:52:09 GMT
Server: nginx/1.7.10
ETag: W/"5acb9a39-218a0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK r.js Show response
h.germany.ru/abogat/r/ 776 B
739 B 30ms
29ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/r.js
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 827dfa5823a7da58bf9e8d3277f40011f2afed7fcc2f1a2e0ace062d9d6a3e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Dec 2015 19:43:33 GMT
Server: nginx/1.18.0
ETag: W/"567c4ae5-308"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5081
date: Sat, 21 May 2022 16:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 21 May 2022 18:19:08 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 498a2dbe268367b46a0c149340d447116a6ae18634b866e7775787e434d54c59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d203199167f264d0f4a282a25897f209bddc13793cfb01a40bc6062ea1f3eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 122ms
68ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:27:09 GMT
x-content-type-options: nosniff
age: 253000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:27:09 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 253037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:32 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 108ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:54 GMT
x-content-type-options: nosniff
age: 253015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:54 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 124ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:33 GMT
x-content-type-options: nosniff
age: 253036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:33 GMT

GET
H2 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 42 KB
42 KB 127ms
85ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:57 GMT
x-content-type-options: nosniff
age: 253012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42500
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:57 GMT

GET
H2 200 impr Show response
gaa.adscale.de/ 533 B
871 B 212ms
151ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzI5Yzgw&nu=0&t=1653155027985&ssl=1&pos=above&ws=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&uuid=5250917a-c1a1-48d4-8895-c733bb538382
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 4398ea7291a151cbd8392b8b5b6862b9ae3d3efd1a63964b6e130b10343c02c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 533
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 665 B
1003 B 112ms
111ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzQ2YzAw&nu=0&t=1653155027992&ssl=1&pos=above&ws=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&uuid=13988f3d-4a31-4668-b1b7-3e3accdef8c4
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 51b3f24d652233d69d0c9e69da3d1173f5d5bff754103d062259fc0fdafa399e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 665
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 549 B
887 B 126ms
125ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YmRkNWMw&nu=0&t=1653155027992&ssl=1&pos=above&ws=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&uuid=2cc0e5eb-4a09-4bac-a2bf-a883e9373606
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: ec836978f5b8719542d7769820f0f3c6d3b03bdfbb4fcc68d7401bc8fabe83ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 549
content-type: text/javascript

GET
H2 200 impr Show response
gaa.adscale.de/ 547 B
886 B 103ms
102ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=NzYzNTQw&nu=0&t=1653155027993&ssl=1&pos=above&ws=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&uuid=91fc7ed2-6f84-48b8-ac20-204e97fde5a8
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: c6c5a0858c896086bade97776b401d28b9001003c07df729c04ff4c805c81ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 547
content-type: text/javascript

POST
H2 204 collect
www.google-analytics.com/g/ 0
162 B 29ms
28ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TP4BKXBP5N&gtm=2oe5b0&_p=38198425&_z=ccd.tfB&cid=1859434887.1653155028&ul=en-us&sr=1600x1200&_s=1&sid=1653155028&sct=1&seg=0&dl=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&dt=Germany.ru&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lib.js Show response
h.germany.ru/abogat/r/ 8 KB
3 KB 28ms
28ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/lib.js
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: d6395ae2c5192b156c0ad3a09d9f18f667d5637e590787feaf8f53d90587ef71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2015 21:11:47 GMT
Server: nginx/1.18.0
ETag: W/"5669ea93-20f0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK redactor.css
h.germany.ru/abogat/r/ 50 KB
21 KB 29ms
28ms Stylesheet
text/css 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/redactor.css
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 53029bd52ce68ef409d482286ed118409ad98821ad52ca971da9f98103821312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2016 19:41:15 GMT
Server: nginx/1.18.0
ETag: W/"5862c3db-c672"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H/1.1 200
OK redactor.js Show response
h.germany.ru/abogat/r/ 331 KB
85 KB 59ms
30ms Script
application/javascript 138.201.192.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.germany.ru/abogat/r/redactor.js
Requested by: Host: h.germany.ru
URL: https://h.germany.ru/abogat/r/r.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.192.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: pxc.germany.ru
Software: nginx/1.18.0 /
Resource Hash: 85dac06246c41e07cf74291618cb28e5b31a03fb2b7279368e85e8a931eb3a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 17:43:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 May 2018 18:34:11 GMT
Server: nginx/1.18.0
ETag: W/"5afb2823-52c82"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 20 Jun 2022 17:43:49 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 310 KB
111 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d299a969e1ba8a952652362a480f80d0e8d89d6917e6b162f8220f88d9270970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113360
x-xss-protection: 0
server: cafe
etag: 17458397974093805954
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame B353 10 KB
5 KB 101ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 19:58:24 GMT
etag: 1428802124239944296
expires: Fri, 03 Jun 2022 19:58:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 29ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=38198425&t=pageview&_s=1&dl=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ul=en-us&de=UTF-8&dt=Germany.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1295343144&gjid=477334484&cid=1859434887.1653155028&tid=UA-859178-1&_gid=843213370.1653155028&_r=1&_slc=1&z=995083336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.germany.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userconnect.js Show response
js.adscale.de/ 11 KB
4 KB 21ms
21ms Script
application/javascript 2600:9000:206f:2200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: Byir_E0CYOUzkNk2AEI4MYKYdNAc1ZB0
content-encoding: br
last-modified: Fri, 20 May 2022 06:59:32 GMT
server: AmazonS3
age: 6868
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Sat, 21 May 2022 15:49:22 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WH7qwHneQbEe5sE7azr1CQ6gqD8X0RX9GlnI8S_B6XuMsn8mbebHww==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3BD1 159 KB
55 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

311e63b3c7172672cbf475f800d435f73f6fd10557a01c723f9ba98507609627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56518
x-xss-protection: 0
server: cafe
etag: 8840605733903111434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1361 159 KB
55 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc1f6c6128caa15d6e10943cb80044cb5e689beed4428062a064c9932091e11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56464
x-xss-protection: 0
server: cafe
etag: 8226283090308175370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1361 159 KB
55 KB 92ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2481787217439354

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b05c27c25dcad4d9088456a23a729efb70b3e397c94e74d8739a64c7e8d02fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Origin: https://www.germany.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56444
x-xss-protection: 0
server: cafe
etag: 9273688276146763340
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E6D6 159 KB
55 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5330d77fb9977c51ef913d23d007041ab6d15224ad63e5675d1550fe836a7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56462
x-xss-protection: 0
server: cafe
etag: 13426811532766619524
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4EA8 159 KB
55 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e0914b4feef36a682e74712f6e7a6e6fc90570a3f77144b3a60c3568e4c4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56525
x-xss-protection: 0
server: cafe
etag: 13483526032946418458
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 99ms
28ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-859178-1&cid=1859434887.1653155028&jid=1295343144&gjid=477334484&_gid=843213370.1653155028&_u=IADAAEAAAAAAAC~&z=65578149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.germany.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 21 May 2022 17:43:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userconnect Show response
ih.adscale.de/ 214 B
375 B 76ms
23ms Script
application/javascript 18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=NzI5Yzgw&cbfn=stroeerCoreConnect&ts=1653155028243&umd=false&gdpr_err=CMP_CALL_FAILED
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bd2164fcd86275603353afdeddf2ba2174c0bb2e9a0a6a09fc66b3f4a4ce845c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-length: 214
content-type: application/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 99ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

dcfdb60d6b356e87d9b0f18792bd491a26720e680b1300da4f98255ce2467005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 104ms
33ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 97ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8070 0
16 B 94ms
49ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=3025194257&lmt=1653155028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028159&bpp=2&bdt=437&idt=105&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6074221592809&frm=20&pv=2&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=38198425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067417%2C31064018%2C31067525&oid=2&pvsid=2427230675030458&pem=225&tmod=1356469770&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/ Frame 3BD1 315 KB
112 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru&bust=31067698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a330a08f7518181d5914d6e8a1afabfb7e7fa827c9f89fa9f1d32c4b9a2e1df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115122
x-xss-protection: 0
server: cafe
etag: 17995358476444987867
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 map Show response
ih.adscale.de/ Frame 1AE9 3 KB
3 KB 34ms
33ms Document
text/html 18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f03d4a96a478aa1ea4e909af4e661b696f6dd97fe72230538a6487d5b63da0f2

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2736
content-type: text/html;charset=ISO-8859-1
date: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 nuggad Show response
nugmw.userreport.com/rc-ap/0/si.nuggad.net/ 2 KB
2 KB 98ms
30ms Script
text/javascript 2600:9000:206f:b600:1f:a1b:34c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b600:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 18fde910b0372eb5c77bb291dbf42520da4ecdb5b2ec4b47e7c76c945fe71c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: get, post, options
content-type: text/javascript
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 1902
x-amz-cf-id: j9mw8b1ybQB5teuB1XNAmt1FRmfD8E2duM1yGohsQ_Ul_ZPVbIBO6Q==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ Frame E6D6 310 KB
111 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d299a969e1ba8a952652362a480f80d0e8d89d6917e6b162f8220f88d9270970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113360
x-xss-protection: 0
server: cafe
etag: 17458397974093805954
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6D6 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&frequency=0.01&eid=44759876%2C44759927%2C44759842

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6D6 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-2481787217439354&p_c=ca-pub-2481787217439354&b_v=r20220518&eid=44759876%2C44759927%2C44759842

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6D6 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2019&supports=true&eid=44759876%2C44759927%2C44759842

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 102ms
48ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-859178-1&cid=1859434887.1653155028&jid=1295343144&_u=IADAAEAAAAAAAC~&z=1262499753

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 139ms
63ms Image
image/gif 2a00:1450:4016:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-859178-1&cid=1859434887.1653155028&jid=1295343144&_u=IADAAEAAAAAAAC~&z=1262499753

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/ Frame 4EA8 315 KB
112 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru&bust=31067698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7b61caa3b2d160d2b4a313fe6eb36abef28aa61ef1ec2c7db5558bcf499c172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115122
x-xss-protection: 0
server: cafe
etag: 14897952410897142337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ Frame 1361 310 KB
111 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c9acbf47cea0a6f707523784f5b04a68dcc76dfd35381df28a481b8221f2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113360
x-xss-protection: 0
server: cafe
etag: 14569730527890935213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&frequency=0.01&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-2481787217439354&p_c=ca-pub-2481787217439354&b_v=r20220518&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=ok&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2019&supports=true&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 1AE9 4 KB
2 KB 21ms
21ms Script
application/javascript 2600:9000:206f:2200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: Cwu3l44QxZ0xqe3HR97ooSjHQWKkMv4f
content-encoding: br
last-modified: Fri, 20 May 2022 06:59:32 GMT
server: AmazonS3
age: 2652
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Sat, 21 May 2022 16:59:38 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: HU5A9zaigkjNSNpppny_btNh1DeQHPYS9EdwR99BQ5uaDKvf-d7njw==

GET
H2 200 nuggad
ih.adscale.de/ 49 B
266 B 24ms
22ms Image
image/gif 18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/nuggad?/nvars/d7=1&d10=2&d2=3&d4=1&d11=5&d8=1&d9=3&d12=4&d1=1&d3=1
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6D6 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759842%2C44763951

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E6D6 12 B
53 B 86ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.germany.ru&callback=_gfp_s_&client=ca-pub-2481787217439354&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E6D6 107 B
122 B 86ms
40ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E6D6 107 B
122 B 87ms
40ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 527A 24 KB
10 KB 183ms
183ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755398&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028340&bpp=3&bdt=119&idt=150&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=1360663336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=731&biw=1600&bih=1200&isw=970&ish=0&ifk=1118313999&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763951&oid=2&pvsid=204603319168219&pem=225&tmod=1598844984&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.3h732g7m5a5r&fsb=1&dtd=160

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c52313b6ba57be518be73e00fa18db7e11d89eb15d27beec18e29a96a2da4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9988
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E6D6 14 KB
10 KB 39ms
38ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe5907dc5a8a0afe360a124813888d3800bc9c824234cea869f506d1bb7f8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10628
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4EA8 12 B
53 B 42ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2481787217439354&plah=www.germany.ru&bust=31067698

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4EA8 107 B
122 B 42ms
32ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4EA8 107 B
122 B 43ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CA6 24 KB
10 KB 163ms
161ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755401&pi=t.ma~as.2458072068&w=728&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028413&bpp=3&bdt=183&idt=109&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1348017606&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531556%2C31067698%2C31067525&oid=2&pvsid=214284471957362&pem=225&tmod=1541592303&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.wn9yhbudm2uo&fsb=1&dtd=124

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce5bfade1c92a8acd00fb6f49c40641403d01f002f56db2404f956aff3348f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4EA8 14 KB
10 KB 47ms
43ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0839a4961347bfa8529c80cda5c76e95bc5e7dbfb60898ccc879a958a7cca7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10640
x-xss-protection: 0

GET
H2

200

img
ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/ Frame 1AE9
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=7a314eb3402f47db81f98065b9a8c892&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd092664fe526e%2F1653155029372%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=101&tpuid=BBID-01-03278690296747642-16608600

49 B
463 B

28ms
27ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=101&tpuid=BBID-01-03278690296747642-16608600
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Location: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=101&tpuid=BBID-01-03278690296747642-16608600
Date: Sat, 21 May 2022 17:43:49 GMT
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Server: nginx
Connection: close
Transfer-Encoding: chunked

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1361 12 B
53 B 31ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1361 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1361 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.germany.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9611 0
19 B 79ms
78ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&adk=1812271804&adf=2373185779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028429&bpp=3&bdt=220&idt=123&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&nras=1&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1490647274&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720&oid=2&pvsid=907818329171025&pem=225&tmod=891929304&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.fhshwkacydza&fsb=1&dtd=139

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1361 14 KB
10 KB 38ms
38ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a968212f47698b1dac86f8ccdead909be03295b891da6a85d67c4b5ba29918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10621
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E6D6 17 KB
7 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 230C 436 B
234 B 453ms
453ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=100&slotname=8174686189&adk=3660800153&adf=3279755399&pi=t.ma~as.8174686189&w=480&fwrn=3&psa=0&format=480x100&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028432&bpp=1&bdt=223&idt=152&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&prev_fmts=0x0&nras=1&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1490647274&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720&oid=2&pvsid=907818329171025&pem=225&tmod=891929304&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.i2le6jhd5yun&fsb=1&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66b805fbc4d13121af1e13dc3badc4e7076571a40c558d144be6f87ca6e0c84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:50 GMT
expires: Sat, 21 May 2022 17:43:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EA8 17 KB
6 KB 95ms
56ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1361 17 KB
6 KB 80ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D15 13 KB
5 KB 78ms
30ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:09:37 GMT
expires: Sun, 21 May 2023 17:09:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BDC7 783 B
535 B 85ms
35ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efd5e7875e480a9c8a913b7589c7a191cc1244c741a9239944c810d8fb290a59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-roPKwuglRWoUMI6i_RRXxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-roPKwuglRWoUMI6i_RRXxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 527A 3 KB
1 KB 67ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755398&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028340&bpp=3&bdt=119&idt=150&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=1360663336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=731&biw=1600&bih=1200&isw=970&ish=0&ifk=1118313999&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763951&oid=2&pvsid=204603319168219&pem=225&tmod=1598844984&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.3h732g7m5a5r&fsb=1&dtd=160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 17:36:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 527A 135 KB
42 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 527A 17 KB
7 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 17:36:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 527A 0
0 61ms
32ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoYzQ3qU7a2c378V_ad5ombUli630yXdIovue2IqYBAzUQwOkAKHVYRQzcBOwIvjA_33YoOSbw1RWoLo8grjmXxVc5tQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755398&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028340&bpp=3&bdt=119&idt=150&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=1360663336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=731&biw=1600&bih=1200&isw=970&ish=0&ifk=1118313999&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763951&oid=2&pvsid=204603319168219&pem=225&tmod=1598844984&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.3h732g7m5a5r&fsb=1&dtd=160
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 527A 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXtto1SSJYo-wIrLUxgP36ITIAcme0rFc9dqW93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NKAB1bbS6gPIAQmpAoC9yAzHuLE-qAMBqgTlAU_Q-n5w2Z4HYx-SdSg3aXvqg45ONNRVA0wD2SBOjXPn1yJl4rv8RlLIaXDsn5NEeP2j1rG79M7umZe1wDIE1X5RqTsmCcm0VTM4FCyLdAODDsSLL0i1SJH5cVlkP_E4I38b_hMG-ho456IZ0ppWVOlyT2J49UaMOER2xnjerrJQM_b-OxamOYIK-b-gNpCQ9d4dKL8L57Fi1Ud_pm0suegQqO2HCemdCrXVoyZR4gqXJS_XJ4RMgKh32kLAVBcBRlTVWlcL1scP0AbcXqtGhl2QQgneVuf8lHsGTDJTSAtBGMh2tPKABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI0ODE3ODcyMTc0MzkzNTQYAA&sigh=Xy2qhbBggSA&uach_m=[UACH]&cid=CAQSPgCNIrLM4F0W1cO_I1N8dv5Q2oxtG5zA7yWRSSXnvEAr8UlEzPQKMioCysfITBJI_IhX05ttaEEX_botUfBYGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=280&slotname=2606245871&adk=3570679225&adf=3279755398&pi=t.ma~as.2606245871&w=970&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028340&bpp=3&bdt=119&idt=150&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155028&ga_hid=1360663336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=731&biw=1600&bih=1200&isw=970&ish=0&ifk=1118313999&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763951&oid=2&pvsid=204603319168219&pem=225&tmod=1598844984&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.3h732g7m5a5r&fsb=1&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 527A 0
0 131ms
39ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RMoHmAKdg2ICAgAAANWfA5wsbxIbENUkiWLInDqosHSbyVEIdQASAAA&wp=Yokk1QAImA8KcaoyAAE0dzXEtY2e7GgrNJ1Eew

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 225296
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8D4B 175 KB
55 KB 313ms
225ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAImA8KcaoyAAE0dzXEtY2e7GgrNJ1Eew&u=%7CjM5V6pjyCU%2Fqw82AGEgAHoweHPywuChIqT9FoJXcvHQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62Uq0SId7qsK-cxqNcffHGttzpq0iVZ8t7yzmIDNwu_FBXOsUFAtRqkLvHfacxShd_YtNVgdPlGp3Ua3rVzC9OMJC6oIQ8rOuRSAEE4oObcwwuCzePjXk9ErD5Rqk8Lamxz4Dz35QLdELUnNUNjPgB-OYpG3ubnnt5QX4RGMrmD9-f2AXiaONeTA4hltSnaSGy6DHW8RZruWiN2GJgcTqrETZ524mQNxLMkibHPxcbdss3GpSiP2fiE7ufVB4mgtTbm0CLwIzOZ8ejPBQwG1oO8oco-Y4_eCZWPFbN8FqTU5Mx6hrzij835MPo2D1OneNhpf1pLhvRjNQVup-l8QTP2fEq0rRtAq2AR3a-R9KzYPJ4u4AgMLAnKZDokKqrzZGtKO1RABcUK92cBMwewOKi8UgAWBCKG4xQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIWlJ1SSJYo-wIrLUxgP36ITIAcme0rFc9dqW93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NKAB1bbS6gPIAQmpAoC9yAzHuLE-qAMBqgToAU_Q-n5w2Z4HYx-SdSg3aXvqg45ONNRVA0wD2SBOjXPn1yJl4rv8RlLIaXDsn5NEeP2j1rG79M7umZe1wDIE1X5RqTsmCcm0VTM4FCyLdAODDsSLL0i1SJH5cVlkP_E4I38b_hMG-ho456IZ0ppWVOlyT2J49UaMOER2xnjerrJQM_b-OxamOYIK-b-gNpCQ9d4dKL8L57Fi1Ud_pm0suegQqO2HCemdCrXVoyZR4gqXJS_XJ4RMgKh32kLAVBcBBFb0yNCEStSwTBJ_jpbgflSESL_UeP9-ILM76sDsVidZnWLyp01Jz8KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0f2-HyC35dCXf7XxQteGvWXXqEOg%26client%3Dca-pub-2481787217439354%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f17c5a20099caaf54cca706e204464808476207a7bfc59a4f774f5efcb9bbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aAcEyAat0Qq3k3x4chB5TUDdrFiU4rZIEJENNdJm_nPjn1sG2rxEhNeGCzECA3kvt65pikVo2Znp6i4vh61IxDPBCNkSchl56bVWdHUT0mLdaDOG6sUfCZZz4NoUe-dm36HOOTZhFsQikk4HVydq7ZcWGg7555iKyQq7SryFwnx1GLVsFrIEI_nSPSAvvB55o0n1V2PPlGAgm93gbnMLP7TrvzSZrd2Zcd2h7OH-0qvoB1KSet15qX2aMaObQANYwE60Ag"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 145058962
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1AE9
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=17f9dfda81ae2ce9dbcbda349...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Yokk1cDNBA2cLXtPUnpnbgAA%261164

49 B
481 B

23ms
23ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Yokk1cDNBA2cLXtPUnpnbgAA%261164
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 21 May 2022 17:43:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Yokk1cDNBA2cLXtPUnpnbgAA%261164
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 299
Expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7186 13 KB
5 KB 44ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:09:37 GMT
expires: Sun, 21 May 2023 17:09:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1E7E 783 B
534 B 56ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa86b31ffa06fc298d939ff4cc7afcaa82e6fc5563a1d9c6b80dc5e8c8ba3420

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DWsi5yDhmoxs-Nji3q1-YQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-DWsi5yDhmoxs-Nji3q1-YQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E2D 13 KB
5 KB 42ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:09:37 GMT
expires: Sun, 21 May 2023 17:09:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F697 783 B
535 B 53ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c94f011226f03b1e9efc3aeae1c5c06e3f8253ded52ebd23f587089083c4a8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yGa2Av7T-cF3R7yRzdtLvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yGa2Av7T-cF3R7yRzdtLvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Sat, 21 May 2022 17:43:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7CA6 3 KB
1 KB 44ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755401&pi=t.ma~as.2458072068&w=728&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028413&bpp=3&bdt=183&idt=109&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1348017606&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531556%2C31067698%2C31067525&oid=2&pvsid=214284471957362&pem=225&tmod=1541592303&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.wn9yhbudm2uo&fsb=1&dtd=124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 17:36:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CA6 135 KB
41 KB 128ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7CA6 17 KB
7 KB 37ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 17:36:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7CA6 0
0 41ms
32ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjheGJf-wAoUkS4B7V7l4q-LpESet8QKI53yHYc4MBjgnWu_FSuQLVt1ugNcyCp_XVplJc0Xpc5rEr2O7VItV_tRDrSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755401&pi=t.ma~as.2458072068&w=728&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028413&bpp=3&bdt=183&idt=109&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1348017606&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531556%2C31067698%2C31067525&oid=2&pvsid=214284471957362&pem=225&tmod=1541592303&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.wn9yhbudm2uo&fsb=1&dtd=124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7CA6 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctk6a1SSJYrXiJJrV1fAPl-uMiAjJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTI0ODE3ODcyMTc0MzkzNTSgAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoE4wFP0GfbGDYYRLAw6HgajT8Lky58u1iylCBKByRTq5o-pP-U4_aYPqD5TOcqSUTSPEh7dznICThqFMtaDZjzAw6w2sOs3Ea2-8Su94-cbC4WiLd8fQVwkgqZKDuvkdSgEOiVOVZ6zr_89VyuB9arqfbkb9rZjLdZ6dbVUHfX8iHo5jYv_rro0gx4PygY3igFogsuuTUijXljlAX04VJdgQ_zesr4g8VDtInzoMo-jU5rDgRopF7n3xEGfQ893mNAa_cug_FanarXDwLtA9ir5_T2v57xX05FGYLBuY9VyWEC_6s0aIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjQ4MTc4NzIxNzQzOTM1NBgA&sigh=P_27_VqJoLI&uach_m=[UACH]&cid=CAQSPgCNIrLMJnTYGl7kb1dob6WWuejTiMfUle2RnW0JdzR5zkp1RaiKe1oSq-3x3UX7-UYL9B23rJLTKyvQ695_GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2481787217439354&output=html&h=90&slotname=2458072068&adk=2750932062&adf=3279755401&pi=t.ma~as.2458072068&w=728&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653155028413&bpp=3&bdt=183&idt=109&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&cookie=ID%3D2440bac3c623bdb6-227b529999cd0006%3AT%3D1653155029%3ART%3D1653155029%3AS%3DALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ&correlator=6074221592809&frm=23&ife=1&pv=1&ga_vid=1859434887.1653155028&ga_sid=1653155029&ga_hid=1348017606&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=58&biw=1600&bih=1200&isw=0&ish=0&ifk=1215017051&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531556%2C31067698%2C31067525&oid=2&pvsid=214284471957362&pem=225&tmod=1541592303&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=260&bc=31&ifi=1&uci=1.wn9yhbudm2uo&fsb=1&dtd=124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 17:43:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7CA6 0
0 113ms
37ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EN6BMNgFWp2DYgICAAAA1w9dhtF2cP4Q1SSJYh9zAMesZ7RhPDLqABIAAA&wp=Yokk1QAJMTUIFWqaAAM1l3LUesW2tZHXFJQuqw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 252663
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A88A 122 KB
43 KB 213ms
147ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAJMTUIFWqaAAM1l3LUesW2tZHXFJQuqw&u=%7CjM5V6pjyCU%2BI3mTCn9LFXSlvjwFUq1n%2BegZ%2BsBDn1n8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_ZEQiHZh9zpwT1NOTvSdVjwcBd3NMPvH-YulvP3IANMwT0KZV02e23JiHaZVhN0OGCo0YEHWpPX5QKBy78QafL2AxBpq2VFnj2axBf2zIxrenvImmva549bmoFsSJeZvjBPMoFS5gvFgzPcVcApopeQJWSJGWySI8E_5FKek450hCWCgFoWWmaJOTV9LQEhbakxdRy3p5J4r77k0zRvdmGRwUmfFiD4bLq8yRO33Md3YWJnjElllLouyyFu2pIm5aw5EOeAwKMHxUy7SaP5UIZZ-j7EI-csIs75_Jn_ZYAqLjgyBV8mrAeyL8brGjt7h-1bo8tC7ivg8oLDLxwIWP8K-6fMo7zpYnySxahg3lk3NlXoHrK5bCxjO0Ro3w9FJ4JdgnzHIpOSgwzngFqRkLLpaO5pQtZMG8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXfD-1SSJYrXiJJrV1fAPl-uMiAjJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTI0ODE3ODcyMTc0MzkzNTSgAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoE5gFP0GfbGDYYRLAw6HgajT8Lky58u1iylCBKByRTq5o-pP-U4_aYPqD5TOcqSUTSPEh7dznICThqFMtaDZjzAw6w2sOs3Ea2-8Su94-cbC4WiLd8fQVwkgqZKDuvkdSgEOiVOVZ6zr_89VyuB9arqfbkb9rZjLdZ6dbVUHfX8iHo5jYv_rro0gx4PygY3igFogsuuTUijXljlAX04VJdgQ_zesr4g8VDtInzoMo-jU5rDgRopF7n3xEGfQ893mMCada8BH7GjhVLG6E9Pn5T7uD8CZTfR8zx0b9nSzBL5XmHVS8n16h9LIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0CEYAAznhAowWjwOiAU6JnWdxRPQ%26client%3Dca-pub-2481787217439354%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

00d606469b5a1c19c0168c191ce299b39540251d32e3fbe34505df14c2262c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BNfvzAat0Qq3k3x4CpO-SdNU2g6_wF1wYmsaw54rGEnFhOGxjfNDCDTePfMDMaJsNFmv92KVlwEMHw12HSDjv7sh43Lbi7TNH6Tj4gLjeZj8P55a-IZlggj8Vhq0yd8V37mkN6US8llrV_gi6l64g8N7qiDHzmDZKyTcgytrcGI03fEX_NQ8bSnNIGUt6MDEbVJ6COdqs94QcNL6FZ4GbThxwo0CNvQbEYOj2WUebucli5_brzkEXL5gJu8vTmgp6ReXJQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 107339991
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1E7E 0
0 70ms
69ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=214284471957362&rc=
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F697 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=907818329171025&rc=
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BDC7 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=204603319168219&rc=
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7186 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 21:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 21:06:06 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E2D 35 KB
13 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 21:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 21:06:06 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D15 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 21:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 21:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 527A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52716454b0dd9642fecea7f45fe7a924686d8ea0ea78ba7a4ceaefc1f643d70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7CA6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73ecd7a1de9d7be56630c4f8f8ed41558ee9eee2de0073ee86be6426f9d956a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A88A 2 KB
1 KB 223ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAJMTUIFWqaAAM1l3LUesW2tZHXFJQuqw&u=%7CjM5V6pjyCU%2BI3mTCn9LFXSlvjwFUq1n%2BegZ%2BsBDn1n8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_ZEQiHZh9zpwT1NOTvSdVjwcBd3NMPvH-YulvP3IANMwT0KZV02e23JiHaZVhN0OGCo0YEHWpPX5QKBy78QafL2AxBpq2VFnj2axBf2zIxrenvImmva549bmoFsSJeZvjBPMoFS5gvFgzPcVcApopeQJWSJGWySI8E_5FKek450hCWCgFoWWmaJOTV9LQEhbakxdRy3p5J4r77k0zRvdmGRwUmfFiD4bLq8yRO33Md3YWJnjElllLouyyFu2pIm5aw5EOeAwKMHxUy7SaP5UIZZ-j7EI-csIs75_Jn_ZYAqLjgyBV8mrAeyL8brGjt7h-1bo8tC7ivg8oLDLxwIWP8K-6fMo7zpYnySxahg3lk3NlXoHrK5bCxjO0Ro3w9FJ4JdgnzHIpOSgwzngFqRkLLpaO5pQtZMG8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXfD-1SSJYrXiJJrV1fAPl-uMiAjJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTI0ODE3ODcyMTc0MzkzNTSgAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoE5gFP0GfbGDYYRLAw6HgajT8Lky58u1iylCBKByRTq5o-pP-U4_aYPqD5TOcqSUTSPEh7dznICThqFMtaDZjzAw6w2sOs3Ea2-8Su94-cbC4WiLd8fQVwkgqZKDuvkdSgEOiVOVZ6zr_89VyuB9arqfbkb9rZjLdZ6dbVUHfX8iHo5jYv_rro0gx4PygY3igFogsuuTUijXljlAX04VJdgQ_zesr4g8VDtInzoMo-jU5rDgRopF7n3xEGfQ893mMCada8BH7GjhVLG6E9Pn5T7uD8CZTfR8zx0b9nSzBL5XmHVS8n16h9LIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0CEYAAznhAowWjwOiAU6JnWdxRPQ%26client%3Dca-pub-2481787217439354%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A88A 2 KB
1 KB 250ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A88A 308 B
636 B 199ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A88A 293 B
621 B 199ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame A88A 0
690 B 387ms
292ms Image
text/plain 2600:9000:206f:f200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1653155029
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAJMTUIFWqaAAM1l3LUesW2tZHXFJQuqw&u=%7CjM5V6pjyCU%2BI3mTCn9LFXSlvjwFUq1n%2BegZ%2BsBDn1n8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_ZEQiHZh9zpwT1NOTvSdVjwcBd3NMPvH-YulvP3IANMwT0KZV02e23JiHaZVhN0OGCo0YEHWpPX5QKBy78QafL2AxBpq2VFnj2axBf2zIxrenvImmva549bmoFsSJeZvjBPMoFS5gvFgzPcVcApopeQJWSJGWySI8E_5FKek450hCWCgFoWWmaJOTV9LQEhbakxdRy3p5J4r77k0zRvdmGRwUmfFiD4bLq8yRO33Md3YWJnjElllLouyyFu2pIm5aw5EOeAwKMHxUy7SaP5UIZZ-j7EI-csIs75_Jn_ZYAqLjgyBV8mrAeyL8brGjt7h-1bo8tC7ivg8oLDLxwIWP8K-6fMo7zpYnySxahg3lk3NlXoHrK5bCxjO0Ro3w9FJ4JdgnzHIpOSgwzngFqRkLLpaO5pQtZMG8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXfD-1SSJYrXiJJrV1fAPl-uMiAjJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTI0ODE3ODcyMTc0MzkzNTSgAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoE5gFP0GfbGDYYRLAw6HgajT8Lky58u1iylCBKByRTq5o-pP-U4_aYPqD5TOcqSUTSPEh7dznICThqFMtaDZjzAw6w2sOs3Ea2-8Su94-cbC4WiLd8fQVwkgqZKDuvkdSgEOiVOVZ6zr_89VyuB9arqfbkb9rZjLdZ6dbVUHfX8iHo5jYv_rro0gx4PygY3igFogsuuTUijXljlAX04VJdgQ_zesr4g8VDtInzoMo-jU5rDgRopF7n3xEGfQ893mMCada8BH7GjhVLG6E9Pn5T7uD8CZTfR8zx0b9nSzBL5XmHVS8n16h9LIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0CEYAAznhAowWjwOiAU6JnWdxRPQ%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:50 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: FpPw2C8T88B6RbDw2PtBReTPWHgRB89b0EVIxZkkhSB3eNP-gluz3w==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame A88A 43 B
348 B 180ms
31ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Q-wLCPdilEUGzUYjtvasR3GqREews9LE6qiiSowm6RqibAF6mPMXijMSh2CtLUaY8hmvUSJcI0pRsEu5oLZHu209ey4OITi7t18gH1AaJ_un0Ki5-VkosemdXwvS7E9s_5hgeeZcFhwwGKKARRR-oZn8Lzs1xZz6O2xS7U_5umwM7sZ02hkVwb5Rgfx9H9_m0ljrgGX039gkLsPjqoWkys5p0TMxp4SxHTeJjx8GG8vj-zlae_g9f1Nu9gO-R2CuGH7ktpC3R60zA0LEcF-PJXqox8ZFZ17ycC60_oVHJJF8yv2hc3J-Q50L6NVZFx_9jhr8RQqo_H6wqNPhSxGvLf1g5RPi43nK3RY3nEMzsjE3RW31fVvC1N8Q-Q1Lf88TMlcY-kas0zilDOhG9rl0FW6hSboN2UsCJ1VmmuIhGnsXvzIqKJb-VvL5B8aGR0jYptjS7g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3145035
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8D4B 2 KB
1 KB 182ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAImA8KcaoyAAE0dzXEtY2e7GgrNJ1Eew&u=%7CjM5V6pjyCU%2Fqw82AGEgAHoweHPywuChIqT9FoJXcvHQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62Uq0SId7qsK-cxqNcffHGttzpq0iVZ8t7yzmIDNwu_FBXOsUFAtRqkLvHfacxShd_YtNVgdPlGp3Ua3rVzC9OMJC6oIQ8rOuRSAEE4oObcwwuCzePjXk9ErD5Rqk8Lamxz4Dz35QLdELUnNUNjPgB-OYpG3ubnnt5QX4RGMrmD9-f2AXiaONeTA4hltSnaSGy6DHW8RZruWiN2GJgcTqrETZ524mQNxLMkibHPxcbdss3GpSiP2fiE7ufVB4mgtTbm0CLwIzOZ8ejPBQwG1oO8oco-Y4_eCZWPFbN8FqTU5Mx6hrzij835MPo2D1OneNhpf1pLhvRjNQVup-l8QTP2fEq0rRtAq2AR3a-R9KzYPJ4u4AgMLAnKZDokKqrzZGtKO1RABcUK92cBMwewOKi8UgAWBCKG4xQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIWlJ1SSJYo-wIrLUxgP36ITIAcme0rFc9dqW93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NKAB1bbS6gPIAQmpAoC9yAzHuLE-qAMBqgToAU_Q-n5w2Z4HYx-SdSg3aXvqg45ONNRVA0wD2SBOjXPn1yJl4rv8RlLIaXDsn5NEeP2j1rG79M7umZe1wDIE1X5RqTsmCcm0VTM4FCyLdAODDsSLL0i1SJH5cVlkP_E4I38b_hMG-ho456IZ0ppWVOlyT2J49UaMOER2xnjerrJQM_b-OxamOYIK-b-gNpCQ9d4dKL8L57Fi1Ud_pm0suegQqO2HCemdCrXVoyZR4gqXJS_XJ4RMgKh32kLAVBcBBFb0yNCEStSwTBJ_jpbgflSESL_UeP9-ILM76sDsVidZnWLyp01Jz8KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0f2-HyC35dCXf7XxQteGvWXXqEOg%26client%3Dca-pub-2481787217439354%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8D4B 2 KB
1 KB 209ms
59ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8D4B 308 B
636 B 143ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8D4B 293 B
621 B 170ms
59ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8D4B 0
689 B 330ms
291ms Image
text/plain 2600:9000:206f:f200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1653155029
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yokk1QAImA8KcaoyAAE0dzXEtY2e7GgrNJ1Eew&u=%7CjM5V6pjyCU%2Fqw82AGEgAHoweHPywuChIqT9FoJXcvHQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62Uq0SId7qsK-cxqNcffHGttzpq0iVZ8t7yzmIDNwu_FBXOsUFAtRqkLvHfacxShd_YtNVgdPlGp3Ua3rVzC9OMJC6oIQ8rOuRSAEE4oObcwwuCzePjXk9ErD5Rqk8Lamxz4Dz35QLdELUnNUNjPgB-OYpG3ubnnt5QX4RGMrmD9-f2AXiaONeTA4hltSnaSGy6DHW8RZruWiN2GJgcTqrETZ524mQNxLMkibHPxcbdss3GpSiP2fiE7ufVB4mgtTbm0CLwIzOZ8ejPBQwG1oO8oco-Y4_eCZWPFbN8FqTU5Mx6hrzij835MPo2D1OneNhpf1pLhvRjNQVup-l8QTP2fEq0rRtAq2AR3a-R9KzYPJ4u4AgMLAnKZDokKqrzZGtKO1RABcUK92cBMwewOKi8UgAWBCKG4xQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIWlJ1SSJYo-wIrLUxgP36ITIAcme0rFc9dqW93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMjQ4MTc4NzIxNzQzOTM1NKAB1bbS6gPIAQmpAoC9yAzHuLE-qAMBqgToAU_Q-n5w2Z4HYx-SdSg3aXvqg45ONNRVA0wD2SBOjXPn1yJl4rv8RlLIaXDsn5NEeP2j1rG79M7umZe1wDIE1X5RqTsmCcm0VTM4FCyLdAODDsSLL0i1SJH5cVlkP_E4I38b_hMG-ho456IZ0ppWVOlyT2J49UaMOER2xnjerrJQM_b-OxamOYIK-b-gNpCQ9d4dKL8L57Fi1Ud_pm0suegQqO2HCemdCrXVoyZR4gqXJS_XJ4RMgKh32kLAVBcBBFb0yNCEStSwTBJ_jpbgflSESL_UeP9-ILM76sDsVidZnWLyp01Jz8KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0f2-HyC35dCXf7XxQteGvWXXqEOg%26client%3Dca-pub-2481787217439354%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:50 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: v8u7CVx33txFPTDYhTygOf16azx-kyC4c_CsUemwgvAN63jLfOik2A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8D4B 43 B
347 B 125ms
31ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=FjAvkqIgar3PdS5R9BM-mVDRxQX6s7TDewGIBzMeJz0bpmNwd9Q0NH68EmN9jVyNUAtZdhcRlJ1JvOC52dw9gwWTi_gSUGYjX433hL1o5kQ78_nl4LWSVmWeLVMTx6NtqusSmu87PJcCEm74E6XgRO-GV8dCYBn65Akti_mjVW7wDOm5oeQ7StudZJgqar_cNLL4XIjxKQ1OjzKSaX4YsScZHHQYuBSchHqEhQM4HxYN4Ca_PNltxtCrEE3wJiFUw-z63CJ1obiVpjV0Q9zUrkZdCG1oPn7Ri0MVHClWbcRkhZG5bw3juUg5MPTeZIkFNdwqwP2MbeIFescx3FfCl6fqfkXTdCYeDp4xXTtIw9C6ZRJgnFR0ZWvv8it81pttlDsIqwcvpeqjAXngx44ZmWEV0IKQQocqp81MsXSjjboUduk1bEBh3xrKOrvgrm1mXr4lBA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3240021
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1AE9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=710329e145e919c1f1b3756...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=97106289-24d6-4000-b714-8ba074a7ff62

49 B
505 B

26ms
25ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=97106289-24d6-4000-b714-8ba074a7ff62
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Sat, 21 May 2022 17:43:50 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=97106289-24d6-4000-b714-8ba074a7ff62
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 21 May 2022 17:43:49 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A88A 12 KB
6 KB 174ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A88A 7 KB
7 KB 104ms
29ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28724824
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Wed, 19 Apr 2023 04:50:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A88A 1 KB
1 KB 104ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1335620
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Mon, 06 Jun 2022 04:44:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A88A 1 KB
1 KB 154ms
79ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoEuropean-Homecare-GmbH-156368DE.gif%3Feb%3D1&v=3&w=400&s=mo2oCsFGNis8aguGF46d-YB8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e94e8badb63667a8c13ceba0867502abec046a0f26d6c33048cd9f95a51b7a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=184
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1110
expires: Sat, 21 May 2022 17:46:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A88A 0
128 B 89ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BNfvzAat0Qq3k3x4CpO-SdNU2g6_wF1wYmsaw54rGEnFhOGxjfNDCDTePfMDMaJsNFmv92KVlwEMHw12HSDjv7sh43Lbi7TNH6Tj4gLjeZj8P55a-IZlggj8Vhq0yd8V37mkN6US8llrV_gi6l64g8N7qiDHzmDZKyTcgytrcGI03fEX_NQ8bSnNIGUt6MDEbVJ6COdqs94QcNL6FZ4GbThxwo0CNvQbEYOj2WUebucli5_brzkEXL5gJu8vTmgp6ReXJQ&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 May 2022 17:43:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A88A 2 KB
1 KB 175ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A88A 2 KB
1 KB 46ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1361 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3660800153&adf=3279755399&fmt=480x100&str=true&ad_y=0&vph=1200&r_nh=0&r_ifr=true&qid=CNGeubKS8fcCFUaMpwodfvMN6g&w=0&h=0&nh=0&rsz=%7C%7Ce%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&eid=44759875%2C44759926%2C44759842%2C42531557%2C31067628%2C31067720

Requested by

Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8D4B 12 KB
6 KB 107ms
61ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 1 KB
1 KB 30ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1335620
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Mon, 06 Jun 2022 04:44:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 5 KB
5 KB 30ms
28ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=WVunQn1urfIF5n-zpdjitqDp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28724823
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Wed, 19 Apr 2023 04:50:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 1 KB
2 KB 33ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoZenjob-GmbH-Extern-253922DE-2205131531.gif%3Feb%3D1&v=3&w=400&s=lp0pCR0WxEkaS3DzcFeHomIL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1908509
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1480
expires: Sun, 12 Jun 2022 19:52:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 4 KB
5 KB 37ms
36ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoKurpark-Hotel-Bad-Salzuflen-276732DE-2109071458.gif%3Feb%3D1&v=3&w=400&s=KgFmNXU-xgyUbK1HTVuDe64X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

11684e32291991f92abb8ab0ed5593425273840577b4c40e9d9937c81a35e726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1187011
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4572
expires: Sat, 04 Jun 2022 11:27:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 490 B
752 B 43ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoBoender-Beutel-GmbH-153348DE.gif%3Feb%3D1&v=3&w=400&s=nPzZT81CxBviKQmgoFiImUS7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

71f3f42ef0779c9c5c588ff6d572d832678708d49c01a3e403278a119609e782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=10049
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 490
expires: Sat, 21 May 2022 20:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 3 KB
3 KB 33ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoStepStone-sucht-fur-das-Deutsche-Rote-Kreuz-295856DE-2203290822.gif%3Feb%3D1&v=3&w=400&s=Sub1ufbkaEPVL_nnvgia_tmB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=698739
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sun, 29 May 2022 19:49:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 3 KB
3 KB 42ms
40ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=400&s=MLCPOuNtUjk_FrjlqcdavKOt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2038072
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3064
expires: Tue, 14 Jun 2022 07:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 2 KB
2 KB 42ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoEPOS-Personaldienstleistungen-GmbH-Dusseldorf-49675DE.gif%3Feb%3D1&v=3&w=400&s=JOzEeJ82FRrycABly8GCa1zb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

608236698997be623ff56d4fd114e4cd8a114eb8552404e30f2fa81a52c36342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1356909
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1622
expires: Mon, 06 Jun 2022 10:38:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 4 KB
4 KB 42ms
42ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoJuwo-Kita-gGmbH-57100DE.gif%3Feb%3D1&v=3&w=400&s=aDVTscByFP0w6nN33oFAmhrj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

330b67e0a517ddc18c7b34bc2f07bac211a559391d475bec0846c882187a1886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=392234
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4326
expires: Thu, 26 May 2022 06:41:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8D4B 0
127 B 28ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=aAcEyAat0Qq3k3x4chB5TUDdrFiU4rZIEJENNdJm_nPjn1sG2rxEhNeGCzECA3kvt65pikVo2Znp6i4vh61IxDPBCNkSchl56bVWdHUT0mLdaDOG6sUfCZZz4NoUe-dm36HOOTZhFsQikk4HVydq7ZcWGg7555iKyQq7SryFwnx1GLVsFrIEI_nSPSAvvB55o0n1V2PPlGAgm93gbnMLP7TrvzSZrd2Zcd2h7OH-0qvoB1KSet15qX2aMaObQANYwE60Ag&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 May 2022 17:43:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8D4B 2 KB
1 KB 67ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8D4B 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 May 2023 17:43:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3E2D 0
9 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?785wig
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8D15 0
9 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qpIUdQ
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A88A 1 KB
1 KB 29ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1335620
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Mon, 06 Jun 2022 04:44:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7186 0
9 B 23ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cx9pOg
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D4B 1 KB
1 KB 29ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1335620
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Mon, 06 Jun 2022 04:44:10 GMT

GET
H2

200

img
ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/ Frame 1AE9
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=969536d8d7a2828e9bcf621ba48cccb216b023acc57ba5ce2fa464f7872f7373&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9fbd09...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=969536d8d7a2828e9bcf621ba48cccb216b023acc57ba5ce2fa464f7872f7373&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a427f9...
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=42&tpuid=3429764444055319894

49 B
515 B

28ms
28ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=42&tpuid=3429764444055319894
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:50 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:50 GMT
server: nginx
location: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?tpid=42&tpuid=3429764444055319894
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1361 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=907818329171025&bg=!YmGlYSXNAAZ4vKt9WLw7ACkAdvg8WkNKO_HRAa2rXFiBR1z6u-DF8pPrbilrf2JTG3-Br0j7TkwELQIAAAFuUgAAAAVoAQcKAC5DQhKfBAZgJRSmV8PyhybPso1lduDlo1sy657BC5KmIqXBJdte3jouNInCkrFkmQK3QOhjc8ptMa8rHR28uPLEphEzQYQ6FESEeK55zHHXwgIiZNW8NyabRPCtxbtecnHi1c-9CKyh4OoopFYrGWcL3h4vRcAHJqM9oLPkCs5AZ_MDMKlsQAwLIn5a7SC97IvLb0yXJeTmnBNQrJZ8brcHhXNn6IuN97XYGoVGYYk1aFEtMVF6U9RVNv6pzziVbgBuqE7d-YzhDkk7YIJi2l-uLfNKQItrZsMvj4OjhGaGhumML6B0YFyfN8nOiYhD-6EM0CCHBAijevM_gsKlc1LpIEjqRvclxkqet1HuGrEw_xURzO2KOCFV4CnErjbhWAK2TswA7Mx2D4JOejOiquE2EvUhvavMC8pFGhpKElfjTWWSuBQtGKBud6bu7lwmUkqEPba-kfCt0j-ERnm-tuPS1d93g4WdEkys_z28gDKShDMD-5g7HmZMtKiNw0PviP90TTv51ltKtBgvJvnZzB61fxwRZGT46S9lnm7J7Nv2RY3Shoae1bX9zANpAEmHA_A-TWF_TrQty-1QtlYB2hsy2w8jcqf6RxrlRn7QSwO0YMt3L2gFFF2jWYIpEmmuhH6CtbEm8bQe7kwRu2R2kpIWTIvCr6omCPbN1gq0OwbLc6vtAs1KlvaMmlGM6tdQs8aZFaOP6wUR2GuMC9vheEUDqpaeOg7h0aeI2Em2IWTbgJAvii6OJ0rHhsAyG5JTU2hzoM5zkJ0dm0bHeUkoNPyi9NL60hbJvG-k9dkL37Aez9k_g05RD_kN2ojuHEYveQvpDvcRVOhfrq7SkingErvqihoUp-E99L-CqrQMSC8YtRr3k9haSI0eIbi48ceH9uSIEu7aXM7QlrR2mR9AdtAWjN3oMOl8FS5I0jtZ3Hn3gOHb91FyH_2wDC1X4qh19vPIs64BZgo4WqdSzQYM_PTPHLfue7l_wqU
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4EA8 0
0 68ms
68ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=214284471957362&bg=!Q0ClQATNAAZ4vKt9WLw7ACkAdvg8WjKWM8o3xg3QO28ucVtir1eItBGIDopmgASeilUy7EIMniqNzwIAAAGVUgAAAANoAQeZArkJs9uN4uFjSADlAVLz5Vv6CK6x3_-V_4x9vzQTFsuIC4sppYy6YkdNirx-dRvaVeZwssx5Bag2wu716riPs5CQhTPSsku2iroENNzX8lGEfbrR9hSUDkdUJnhPn6QITKsMQtosOMqui8bNIeqQMr__jWpsqrcwZlme0IORKVQ4nrFlcBqpzlzDw5vAYFH40HKJF-RcM9W7utXFqsDkQHq1jhP9q6bK1ioHsDGk_vn5dkwms9Ja2A_ZwbHb6ag0KPC3AOx_VkOCca_THW4mHadjcP0iRSx7PYOhfTT5bxj7S_izJcixbSLc8uQ260FV5sWfNB5PZTYjvE01lxqxzIuGSoGyyIaM1hZo7zrhFkbooRAJCepUiGVtMwlnghVLlAMZ2XP3Al8vNlJpyXuGfe-KmqYECIi5wcWSgF2SUEpHFSV5ec3YN3Nsc_ztURm6DilOXIwoW1mtcLdtH8bBj4ZQ4ceZGZ9oqQ-qgRhurw2xzsqxjrYkUU9hlpD5w7tpz0oXdg5rBF5bfGAzNWjurks-R84d4LNuALKoMakNAEBx0U73dQ0wxAvuLtxMZZytSgRyuNhzEisT-qNBLiicur-k2S5eJlXmXD0VMhKztJsXJVDxVXRspbdwEmHhNWqY9rNCRTj34xGLRbFEleuFUBAThp3Amwzgcwk_zpJ3rWUuJ2fc6p-zYfglgTlawFn1dhHH8XJdTqpcOCYXDCQ7jShyYxuZhz11oa6N0ptfC8ClW_jNME6JmdZhUPLs8iCayOV-LDvk7h8-TD9wHJ_wz3lK_DOA7kXdv02P3i-ojxqbZexdUcI_Jzt3IWKP2n41Vhjie7u7-Q6vC5_QdlgXNJ-9dzXqQeReu9NMokFxYi80HZqoJKeYkW5L56LfpAaLzhOqXd0rrTeQpbAqp3-Se-OTn9K74Ox8oc54
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6D6 0
0 67ms
67ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=204603319168219&bg=!mZqlmt7NAAZ4vKt9WLw7ACkAdvg8WhcT7auTl1FNv-ACPBrUBGJDZi4hPi3Sv7dXmoqDWe3oSOqM7gIAAAFoUgAAABxoAQeZAroTHxXmmDGA45S4x5qYFMhytdnlXuE7w1zoQBPwHwdn0-tTI0elPSYaxnT3OMwtMCLRURkNpO-vqxF-98ZnGBGFTWb00ao5gB29G2kFRhVZohvVIcbXJheerEOCsmEZSTj6bWm-rR2MS8eIYvrpZH196fTl-5sUz7XjL8iJMDEV285RdVBrgKduo9m6J08f_D5UmQoK9AevLaxK30kAo6kpIDO2KrW8UxbXfm6_81oC4uBLbnzw2P9D3C8wzINBV1Qv6T7TQMWfQ0irJ1deJB3AkA3Vuv11JHQ7gP01nHKtHU2AIPxAStdYPoWA3VtEpq7m10Klj-S_vb6U_hbJxlPE-o-QQH8SQnrK72qBe-Nt9BahqnJGsWd0Ap8MPomzp5k7kTw7EIWOIyyDuUvKmZNHQNwxetK1p8fVwqjQC5TIXlLJPbXu9FdKSAxTK6hrMPWjFpFYH28anLP7bOwHV7IMfDl0Ay6d7AF9cP4L0RIzp6Ih-6oml2s3xdQQEb_sVBdlgnnZFKPtEhXfN7a-mB6OpLJm8jmWds8KNjR4PMRzQWrDWNl9dQRhHaFZ35crAXJNz5W06P4itVj-EH0zRDx7XTe331EXjGpz2fgM0ZUr0yj1OKPNHm0yg-P9d1XyS84TI2PvBykQc84UOQxp8CbHdrHHFNaXgCJyEmuqJXVg4URCnC9fGn8PoQe9C4x9kgSSDqzarZFVWbMrXsxgyKuBq5gS-gjfvG2imYeeV9bQI9wk5bTNLdxe40OteWqrNIOS0wYpKcHrzYvO458VUaP20zrugsgWcTu9OPbbcgGvhkR7voVRC1z8p6mAm-__8c37z6v11GmOhD9cViVPDwdLh1Ggf2tRwoeFYV1NOJ4jDzKDeT-2z_6kXHoU914BRsKhFgV_MXT_c2TB7Uw83aR83pvh-7UKG0TUFw
Requested by: Host: www.germany.ru
URL: https://www.germany.ru/cgi-bin/portal/login_form.cgi?login=delvaux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1AE9
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=bb1d5463-42b7-4355-a740-ca2c645c1850

49 B
537 B

37ms
37ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=bb1d5463-42b7-4355-a740-ca2c645c1850
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:51 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:50 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=bb1d5463-42b7-4355-a740-ca2c645c1850
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1814659
content-length: 0
expires: Sat, 21 May 2022 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1AE9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=640b49dd56f3eed41649c420...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=97106289-24d6-4000-b714-8ba074a7ff62

49 B
559 B

33ms
32ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=97106289-24d6-4000-b714-8ba074a7ff62
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:51 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Sat, 21 May 2022 17:43:51 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=97106289-24d6-4000-b714-8ba074a7ff62
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 21 May 2022 17:43:50 GMT

GET
H2

200

img
ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/ Frame 1AE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fc...
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&tpuid=CAESEA_LCRd-g10kiRuzPIi1mS8&google...

49 B
577 B

33ms
32ms

Image
image/gif

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&tpuid=CAESEA_LCRd-g10kiRuzPIi1mS8&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:51 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/img?uid=b6304598f2d392ffaf89d4f271a7d628ed4b961d5c57b33bea2dd94ca1313294&tpid=38&tpuid=CAESEA_LCRd-g10kiRuzPIi1mS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CA6 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyl5dSeWWABtgmdzXK0buryCOrjrZJF42Px7mHrsMknzwnxb4LyqOniJSneicWUK5Lncphas7dRGvZrGGZOfeP&sig=Cg0ArKJSzJV-IgyhCq_UEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2750932062&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653155028538&rpt=390&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 527A 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstg5HUo5Mm0oQwRowkz4cso9Y11in5eZBaQIOH3CvRbcevnhDi0ZpoqDrHDUfNpnBvNoUDtknJOLQIW_SuD2OVk&sig=Cg0ArKJSzGpcKwsjIIAdEAE&id=lidar2&mcvt=1006&p=0,0,280,970&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3570679225&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653155028501&rpt=386&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8D4B 0
127 B 29ms
28ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 May 2022 17:43:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame A88A 0
127 B 29ms
29ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 May 2022 17:43:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

js Show response
ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/ Frame 1AE9
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=262b7580ebf1daa0bcc7e5cb4b79cdb37832dfcf3f030826829eff8575303228&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7a12a42...
https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=262b7580ebf1daa0bcc7e5cb4b79cdb37832dfcf3f030826829eff8575303228&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0fcc27d7...
https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/js?tpid=48&tpuid=eb3df0903b04b508907c1c07a1c30f93

44 B
594 B

37ms
37ms

Script
text/javascript

18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/js?tpid=48&tpuid=eb3df0903b04b508907c1c07a1c30f93
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a3f6000a33d58957a47a2e2118bbff88cf9d6d61bd1e351a2b1607b74872a046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:51 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

location: https://ih.adscale.de/sium/0fcc27d7a12a427f9fbd092664fe526e/1653155029372/0/js?tpid=48&tpuid=eb3df0903b04b508907c1c07a1c30f93
date: Sat, 21 May 2022 17:43:51 GMT
content-type: text/plain; charset=utf-8
content-length: 147
vary: Accept
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 sium
ih.adscale.de/ Frame 1AE9 0
0 41ms
40ms Fetch
application/json 18.157.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.192.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-192-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Sat, 21 May 2022 17:43:51 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 39ms
39ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f9d79b97dd1296766614705332f0e914358cc3c1ded6f726f908cb52c663efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 17:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10726
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 17:43:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E0A 13 KB
5 KB 24ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:09:37 GMT
expires: Sun, 21 May 2023 17:09:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BF0 783 B
535 B 33ms
32ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ddff86feb0f84022bf9492e0fba16667d5cc1a844f2bf561a9aca2348d4bba4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EFBTYX96g6HaoaoEC1W5dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.germany.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-EFBTYX96g6HaoaoEC1W5dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 17:43:51 GMT
expires: Sat, 21 May 2022 17:43:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7BF0 0
0 62ms
62ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=2427230675030458&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E0A 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 21:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 21:06:06 GMT

GET
H2 200 launcher.js Show response
sak.userreport.com/sdm/ 100 KB
28 KB 113ms
28ms Script
application/javascript 2600:9000:224a:1e00:8:5c85:cdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/sdm/launcher.js
Requested by: Host: nugmw.userreport.com
URL: https://nugmw.userreport.com/rc-ap/0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1e00:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56fd52144cef5d51a8b6c1a5deb628a9842f3964d4c3e12739a59319a9d690af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: SObA1BSVcqC_uhuCAroOaac3zDpZ3oZ3
content-encoding: br
last-modified: Wed, 18 May 2022 13:01:27 GMT
server: AmazonS3
age: 46
etag: W/"0f668c62853e79665dabbda635df717b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control: max-age=7200, s-maxage=60
date: Sat, 21 May 2022 17:43:07 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: INs_e5_EYJfKvmuYb8dXLi65qo4QTgw_V9Gu3gy0PtSciIf8L1gwlQ==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3E0A 0
9 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4RLCdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:43:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=2427230675030458&bg=!CgmlCU3NAAZ4vKt9WLw7ACkAdvg8WnCDMmqWI0MtG4S48bt8tbUTEBLPX4VeSWYW-wm1jeHlAQiydAIAAABwUgAAAAZoAQeZAqpcvhQuwwgV5m8yvLlzcmRvcKEIRmkMt0KmDkef3mJ5eeOPkSIu0SPYQGpO4tTMUCq_C-7iuLzNMXTJRHjLAeE1bayjAjXysfJyoT8wwPGPaE3KD_2CbRWR3WWSV5Etob9f9LwCwcX4ZPcwHYfmTOqcudJkmvCF1TZuqXghUGpXqiZxvGa7DA0JUzzp7Xv6tkCZt-4zumv6oSnf0SDSfJBPRZYAXrDuWkKYWgHd8GoHNBWx9pPfHNN_I6PTuUGs2mqIyLf3wffxDkjJlw6UyaMAC6XD4eKuv3f8kikvUlN3e__nLBNkGbKW0Ipldzkfyv_dTOv7FErVpRguiOlN7r7ipOybOpsk2zrtDkz0LQf2m2mK8sIChxopIVLs7b_dQDve_eVP-DqrDrIlyVP6vxj41aPYld-_MCIvfVfex0I67G6SdcbIy738a-GODwcNOGLnIiLoLY9yTyEEkPtUbnkLm0JVTIW762OxlD-ZO-QbnILd_wgHlXF65MaJHEKyH3ioIEJz5e1xOpSfUBkxxCUzIWcSIFroRJy-i1lq9bqfuO3LRDsfzdnuDGTZZTr0jCgT22Uxj4o00QKM71RyuFtmXgqccCGg44Z71TM6nRBC92MeIfc774dqOlakoagwJi7TyfZWY0ucPr5JflWNmy7sggpMWGVxFeE0ifwlZO3x-QSPMWRcVU8tFerotgcHgZX8v86z5TsLWNr69h2fyL1rTkfmlby7ktwxfej3LIVrLSvFy0xReIncWf9RHIaffGzcMET_ClqTuCtZfrBBN8UBYl8AEiU49p_YmoCeRUrDxBs7DnitaGQFqjU8oVp2ZPcx2qB0d4jPvqqPHU93IsyjTaDKH3wEkTRiJlRtddIiBdxLH8l0SBNL9ASSn-d5dou0hsFZKr-m8isb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TP4BKXBP5N&gtm=2oe5b0&_p=38198425&_z=ccd.tfB&cid=1859434887.1653155028&ul=en-us&sr=1600x1200&_s=2&sid=1653155028&sct=1&seg=0&dl=https%3A%2F%2Fwww.germany.ru%2Fcgi-bin%2Fportal%2Flogin_form.cgi%3Flogin%3Ddelvaux&dt=Germany.ru&en=scroll&_et=26&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP4BKXBP5N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.germany.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:43:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.germany.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.userreport.com/rc-ap/0/si.nuggad.net	1970-01-20 11:58:11	Name: __bpn_uid Value: 49369443-a177-44be-8a74-37b9412fcb5e
.userreport.com/rc-ap/0/si.nuggad.net	1970-01-20 11:58:11	Name: __ur_dc Value: 1653155029436
.germany.ru/	1970-01-23 06:43:08	Name: language Value: russian
.germany.ru/	1970-01-23 06:43:08	Name: skin Value: 0
.germany.ru/	1970-01-23 06:43:08	Name: track Value: mLbBHXsTdQUj7D446863
.germany.ru/	1970-01-20 20:43:47	Name: _ga_TP4BKXBP5N Value: GS1.1.1653155028.1.0.1653155028.0
.germany.ru/	1970-01-20 20:43:47	Name: _ga Value: GA1.2.1859434887.1653155028
.germany.ru/	1970-01-20 03:14:01	Name: _gid Value: GA1.2.843213370.1653155028
.germany.ru/	1970-01-20 03:12:35	Name: _gat Value: 1
.adscale.de/	1970-01-20 11:54:51	Name: cct Value: 1653155029223
.adscale.de/	1970-01-20 11:54:51	Name: uu Value: 7a314eb3402f47db81f98065b9a8c892
.germany.ru/	1970-01-20 12:34:11	Name: __gads Value: ID=2440bac3c623bdb6-227b529999cd0006:T=1653155029:RT=1653155029:S=ALNI_Mb8ItSpNtxxonHGOtJ4wxP8vjiOmQ
.adscale.de/	1970-01-20 11:54:51	Name: ng Value: 2#867802896#27552583#32739#d7~1&d10~2&d2~3&d4~1&d11~5&d8~1&d9~3&d12~4&d1~1&d3~1
.doubleclick.net/	1970-01-20 12:34:11	Name: IDE Value: AHWqTUldl0cMb7_iWBm_-abO5HX_IyUAxKmQtcREGtznmRAi1_pLuAceHLLHs-gm28g
.casalemedia.com/	1970-01-20 11:58:11	Name: CMID Value: Yokk1cDNBA2cLXtPUnpnbgAA
.casalemedia.com/	1970-01-20 05:22:11	Name: CMPS Value: 5199
.casalemedia.com/	1970-01-20 05:22:11	Name: CMPRO Value: 1164
.casalemedia.com/	1970-01-20 03:14:01	Name: CMST Value: Yokk1WKJJNUA
.doubleclick.net/	1970-01-20 03:12:35	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 12:38:30	Name: uuid Value: 97106289-24d6-4000-b714-8ba074a7ff62
.adform.net/	1970-01-20 03:57:13	Name: C Value: 1
.adform.net/	1970-01-20 04:38:59	Name: uid Value: 3429764444055319894
.criteo.com/	1970-01-20 12:34:11	Name: uid Value: bb1d5463-42b7-4355-a740-ca2c645c1850
.m6r.eu/	1970-01-20 03:12:38	Name: test Value: true
.m6r.eu/	1970-01-20 05:22:11	Name: cct Value: 1653155031657
.m6r.eu/	1970-01-20 05:22:11	Name: id Value: eb3df0903b04b508907c1c07a1c30f93
.ih.adscale.de/	1970-01-20 11:54:51	Name: tu Value: 4#2513602094#48~eb3df0903b04b508907c1c07a1c30f93~459209~0~0#101~BBID-01-03278690296747642-16608600~459209~0~0#38~CAESEA_LCRd-g10kiRuzPIi1mS8~459209~0~0#39~97106289-24d6-4000-b714-8ba074a7ff62~459209~0~0#40~bb1d5463-42b7-4355-a740-ca2c645c1850~459209~0~0#42~3429764444055319894~459209~0~0#108~97106289-24d6-4000-b714-8ba074a7ff62~459209~0~0#63~Yokk1cDNBA2cLXtPUnpnbgAA&1164~459209~0~0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
bbnaut.ibillboard.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
code.jquery.com
csm.eu.criteo.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gaa.adscale.de
googleads.g.doubleclick.net
h.germany.ru
ih.adscale.de
js.adscale.de
katalogui.germany.ru
nugmw.userreport.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
sak.userreport.com
secure-gl.imrworldwide.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
tt.germany.ru
ttn.germany.ru
www.germany.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.102.29.65
138.201.192.69
142.250.74.194
172.217.16.130
178.250.2.135
178.250.2.148
178.250.2.150
178.250.2.151
18.157.192.56
185.29.132.245
188.40.142.195
2001:4de0:ac18::1:a:3b
2600:9000:206f:2200:f:4f64:8940:93a1
2600:9000:206f:b600:1f:a1b:34c0:93a1
2600:9000:206f:f200:1e:a43d:b640:93a1
2600:9000:224a:1e00:8:5c85:cdc0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a00:1450:4016:80a::2003
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
3.124.13.195
37.157.4.40
62.209.227.211
99.83.169.100
00d606469b5a1c19c0168c191ce299b39540251d32e3fbe34505df14c2262c7d
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
0839a4961347bfa8529c80cda5c76e95bc5e7dbfb60898ccc879a958a7cca7cf
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c94f011226f03b1e9efc3aeae1c5c06e3f8253ded52ebd23f587089083c4a8e
11684e32291991f92abb8ab0ed5593425273840577b4c40e9d9937c81a35e726
132ae0a59d120b8eecc5def619efcdeb715fc5b003c927aaf37bddcccff96cd9
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18d16743f29e1d988af192e45168077fa66d1c6bd25614ffc69b52fac81ea9ab
18fde910b0372eb5c77bb291dbf42520da4ecdb5b2ec4b47e7c76c945fe71c38
19b6345ef6f44bf3aab769ac231d4097e169bc3383c98e9e38e32816f2185f99
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
280f628fd9d0a6f780202257be7609d26865d9d61e9b9780be63169f2ebe1525
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2d203199167f264d0f4a282a25897f209bddc13793cfb01a40bc6062ea1f3eaf
2dd9e534b405733ef3eaef91bf0d4700c507b5a1dc694dad61f3d8f27ec44b03
2ddff86feb0f84022bf9492e0fba16667d5cc1a844f2bf561a9aca2348d4bba4
311e63b3c7172672cbf475f800d435f73f6fd10557a01c723f9ba98507609627
330b67e0a517ddc18c7b34bc2f07bac211a559391d475bec0846c882187a1886
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3676c7e1de77b00773b81fa4ccf5bb1ddbc32f0c80e91303d7973dc7ac77321e
3ea71896c74dc9df5844e6eafc42d49534c6e0e05ac3d35a1a105613a8b09324
3f17c5a20099caaf54cca706e204464808476207a7bfc59a4f774f5efcb9bbe3
42214d63c876bc657e5242489b66db912451a7f9cec29f6131b332911ead2b47
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4398ea7291a151cbd8392b8b5b6862b9ae3d3efd1a63964b6e130b10343c02c3
4530759d970509ac35adaf25a108d10293ffc00185266279d499278b0744c77a
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
498a2dbe268367b46a0c149340d447116a6ae18634b866e7775787e434d54c59
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b3f24d652233d69d0c9e69da3d1173f5d5bff754103d062259fc0fdafa399e
52716454b0dd9642fecea7f45fe7a924686d8ea0ea78ba7a4ceaefc1f643d70a
53029bd52ce68ef409d482286ed118409ad98821ad52ca971da9f98103821312
53168bac7c57cb3c8a748a4a9473c29799bd27c8ca0287b40dff75e01905f798
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fd52144cef5d51a8b6c1a5deb628a9842f3964d4c3e12739a59319a9d690af
58a968212f47698b1dac86f8ccdead909be03295b891da6a85d67c4b5ba29918
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
608236698997be623ff56d4fd114e4cd8a114eb8552404e30f2fa81a52c36342
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66b805fbc4d13121af1e13dc3badc4e7076571a40c558d144be6f87ca6e0c84e
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6c52313b6ba57be518be73e00fa18db7e11d89eb15d27beec18e29a96a2da4ed
702ee4eac991f18ce23e0784a03fa1663abf0f17ae76e83ddb049851c58173ef
71f3f42ef0779c9c5c588ff6d572d832678708d49c01a3e403278a119609e782
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72eb25e65a6cf11914e57ac9c72a128f144c193f2c21f75198e896e26a99c4a1
75e0914b4feef36a682e74712f6e7a6e6fc90570a3f77144b3a60c3568e4c4dc
7623e3dabbcb4918185bdefe006d9ff2266b24d2bb244d97522df6d806f2832e
7b1747bec52ea01f3de75a9201120dafe45b6a72734a87624cd5d5107afd2c36
7e5be3da581cb25ab7e553a7fc547508bd79de95435107484f24a8e9049d6c07
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7fd4b9696a19d1e8b521192f799bd2885a6943977005afd74d839503e1dcda6f
827dfa5823a7da58bf9e8d3277f40011f2afed7fcc2f1a2e0ace062d9d6a3e87
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dac06246c41e07cf74291618cb28e5b31a03fb2b7279368e85e8a931eb3a09
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97
8d1381b4d04e5bfcbd3eddb73fa50a02e3e881618345624d5c4d44a2c7309f6a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9d79b97dd1296766614705332f0e914358cc3c1ded6f726f908cb52c663efc
966adf353f5e4d8bc10f941bbb2e7daaf891dec113ba491dc5d435a20d2823fe
9f3852b186cca1eb720e5988afd6173c8cc7025846381f7b723f84cb8dfefb25
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a330a08f7518181d5914d6e8a1afabfb7e7fa827c9f89fa9f1d32c4b9a2e1df7
a377d904d0302671c6f45af9c57876759f5aa839266aee95515a3b1ceb17ee5d
a3f6000a33d58957a47a2e2118bbff88cf9d6d61bd1e351a2b1607b74872a046
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73ecd7a1de9d7be56630c4f8f8ed41558ee9eee2de0073ee86be6426f9d956a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05c27c25dcad4d9088456a23a729efb70b3e397c94e74d8739a64c7e8d02fb2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bef9eeeef1f212636bbc9e61613f6de8d1ae1226873f2166fba33fbf27b98d
bd2164fcd86275603353afdeddf2ba2174c0bb2e9a0a6a09fc66b3f4a4ce845c
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c6c5a0858c896086bade97776b401d28b9001003c07df729c04ff4c805c81ac1
c7b61caa3b2d160d2b4a313fe6eb36abef28aa61ef1ec2c7db5558bcf499c172
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cd3604873a59f3aa2958cc0547094e0b283d7f267a4594e704aaac6872c03e83
ce5bfade1c92a8acd00fb6f49c40641403d01f002f56db2404f956aff3348f09
cfe5907dc5a8a0afe360a124813888d3800bc9c824234cea869f506d1bb7f8db
d299a969e1ba8a952652362a480f80d0e8d89d6917e6b162f8220f88d9270970
d5330d77fb9977c51ef913d23d007041ab6d15224ad63e5675d1550fe836a7b4
d621b11566f77cc82fdb433e6042b35e0b401edad822755f6c3085d4534b8a4e
d6395ae2c5192b156c0ad3a09d9f18f667d5637e590787feaf8f53d90587ef71
d9b8557c16ce78263c0cf25baef1e2e59956692bb26b55a0f1bcb7504ef8066a
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcfdb60d6b356e87d9b0f18792bd491a26720e680b1300da4f98255ce2467005
df0afbcac71eda0e189a2b70c5241beae9d0e990074727542cb05a93650fb6de
e08ecb85f947fd5f442332879a817ba5a3a645bee8ea7a3f39212348e50d97e0
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1f53c1526b0c1a40515d13589438d653e65bc5c0ac76962a779b374637e3468
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b658c2d79d7059538f2b2a216d334ecc6b0e062516c704817074db10a3f0b4
e3c9acbf47cea0a6f707523784f5b04a68dcc76dfd35381df28a481b8221f2f5
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e863b80083f3553afa2fe3cf46fd966d881365056e43908cbb42613ac91906b5
e94e8badb63667a8c13ceba0867502abec046a0f26d6c33048cd9f95a51b7a90
ea6df1376bc8f578fac029fc5b4a5606d64e45150165e4026087df1afd29eeb0
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
ead500f0db56cc5a405166cebf63b855c8b4af6fdeb401f27cd669e08e22fcb6
ec836978f5b8719542d7769820f0f3c6d3b03bdfbb4fcc68d7401bc8fabe83ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5e7875e480a9c8a913b7589c7a191cc1244c741a9239944c810d8fb290a59
f03d4a96a478aa1ea4e909af4e661b696f6dd97fe72230538a6487d5b63da0f2
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa86b31ffa06fc298d939ff4cc7afcaa82e6fc5563a1d9c6b80dc5e8c8ba3420
fc1f6c6128caa15d6e10943cb80044cb5e689beed4428062a064c9932091e11e

www.germany.ru Open in urlscan Pro 138.201.192.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

195 Requests

96 %HTTPS

58 %IPv6

22 Domains

41 Subdomains

30 IPs

10 Countries

2168 kBTransfer

5524 kBSize

27 Cookies

13 Outgoing links

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.germany.ru Open in urlscan Pro
138.201.192.69 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

96 %
HTTPS

58 %
IPv6

22
Domains

41
Subdomains

30
IPs

10
Countries

2168 kB
Transfer

5524 kB
Size

27
Cookies

195 HTTP transactions
4 data transactions