instagramed.ru Open in urlscan Pro
213.232.240.187 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://instagramed.ru/dilya-mac-os.html
Submission: On February 16 via manual (February 16th 2023, 6:04:46 am UTC) from KZ — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 10 domains to perform 64 HTTP transactions. The main IP is 213.232.240.187, located in St Petersburg, Russian Federation and belongs to SELECTEL, RU. The main domain is instagramed.ru.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.

This is the only time instagramed.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	213.232.240.187 213.232.240.187	49505 (SELECTEL) (SELECTEL)
7	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
64	17

14 213.232.240.187 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: srv.dalabu.ru

instagramed.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	criteo.net static.criteo.net — Cisco Umbrella Rank: 630 pix.eu.criteo.net — Cisco Umbrella Rank: 8393 csm.eu.criteo.net — Cisco Umbrella Rank: 8410	443 KB
14	instagramed.ru instagramed.ru	197 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	216 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	20 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13105 ads.eu.criteo.com — Cisco Umbrella Rank: 8334 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 12670	54 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	48 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9006	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	607 B
64	10

	Domain	Requested by
14	pix.eu.criteo.net	ads.eu.criteo.com
14	instagramed.ru	instagramed.ru
9	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	instagramed.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
64	16

This site contains no links.

Subject Issuer	Validity	Valid
instagramed.ru R3	`2023-01-07` - `2023-04-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://instagramed.ru/dilya-mac-os.html
Frame ID: 8DAC80FA4E4EDA03BF9C0D46F6854984
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 236DED25BBB4113BA1A6E961F93E9127
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&h=280&slotname=9128289090&adk=2023025958&adf=837968023&pi=t.ma~as.9128289090&w=1170&fwrn=4&fwrnh=100&lmt=1676527481&rafmt=1&format=1170x280&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481577&bpp=3&bdt=255&idt=156&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=8296510465334&frm=20&pv=2&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bjMoBtdlFE&p=https%3A//instagramed.ru&dtd=175
Frame ID: 374F8B72269BEE13FD8F2555CC55B72C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&adk=1812271804&adf=3025194257&lmt=1676527481&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481590&bpp=1&bdt=268&idt=168&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=8296510465334&frm=20&pv=1&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=174
Frame ID: F220F98F2BD48C6D2A058B4F5E0AFA3F
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-3HeQAL9_0K0wYJAA3rFH7kqmhmgUEOhKR1Pw&u=%7CXVwwK6oKmGGw0CpF2TXwDHxbrLzs0tE6KvOars1epfM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_wNVu8Nsi-eucSjBjcwI-u5QJ_t2zjUsK3EBBuXBvkJvhfb3ho04RPoqyeSjt0BOeVz4KdpSntdP5Tnmw1ss0ImukV8eVkdU2xuynD90VHElaEHvG0vns1mhmfoeMVRrrNKkAxg3TZpegjNwsePxgRe25jspr0s5EhLPVKbJR1R_dyjZzRLV2KxGdB727vRydZ4liCpvq2bX-7O4dUn5RLhq4mbyp8DNGjHrurtjnGtXp0w7tRWV0p5k5lZzB6tobcXjubET2mWoN2ewTiRFOQQ7asLa6Q4lygxqlTiL_ReF6Hw3RarBj3jrZBvodtaP-T77DUUg7C4sb2hFUnMtosRo6cp-7O86KD3RDwljAyfGCZLQs7dbUB9BdjGRbTyQpNks02-2dp4EnKgnsdFq9vSiu0vhRIDziKdP1ftkw_nrHkHKrh2d_oi0iz61CVGpetLhqk3Rs45WFa3sBnxdvodsWXBGmWliC9JXkUEK07wBxj4PNDO6ZiGzPuhS6lpEBDcyS5XGc4rixNH5-VKxKg3C9gRftRmic6szoOzxK_z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCYt8ecftY_3vL4mMzAaU1rdwyZ7SsVy96ZX3cMCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi00MjIzNzQyMTA0MDgxMDI5yAEJqQJFKCtUW-6xPqgDAaoE0wFP0Nq05hjYBjW4L0tjxkrCFYf4QcmsfzJKLsu_4clCELX0OyVEqmhhTyMyb0RA15RZ2O8Ha0ts-CpjUNwOVxdYKo4JKlB5POEG18Ecj1MzpH8bhwIqcr9nJZdTPNXGcU588kq6o-A-0E4n5YSqxDuzGtclmrTVfKSJlNORA61pxh0HO_sKdQjDK33sswqvaM2ef8v75Jiz0PyFSrxy9MvKzS9wyNKrjNmNjiR1e-PLOeahV7ZCRq0CABdWz2zhWCseg7Zu5-H5QF2_5VyTCvo20Ii8gAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_258bM6TdUs0IzLPYwguvjkETF0EA%26client%3Dca-pub-4223742104081029%26adurl%3D
Frame ID: BD05BE3A86698CC962E3D786A987D0DF
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 423869331CEE54B3587EBDDB79908F47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8015625B6BC2680E7399744A63070E20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

16
Subdomains

17
IPs

5
Countries

985 kB
Transfer

1885 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request dilya-mac-os.html Show response
instagramed.ru/ 5 KB
2 KB 191ms
79ms Document
text/html 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://instagramed.ru/dilya-mac-os.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: srv.dalabu.ru
Software: nginx /
Resource Hash: 7e49617a8ac3a6d3a5f620d985b815aeee2979e36025a28aa7908e6ba7410a61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 06:04:41 GMT
expires: Thu, 23 Feb 2023 06:04:41 GMT
p3p: CP="NOI NID ADMa OUR IND UNI COM NAV"
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
instagramed.ru/tpl/css/ 115 KB
19 KB 111ms
109ms Stylesheet
text/css 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/css/bootstrap.min.css

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

c2264f9ea021b09971ebee24d75bcdb8a517dce219c0cf1ad9fc543151760742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 06:36:16 GMT
server: nginx
etag: W/"624a91e0-1cb09"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 style.css
instagramed.ru/tpl/css/ 20 KB
5 KB 112ms
109ms Stylesheet
text/css 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/css/style.css

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

48a487738ddee46416a0d274d5c01eebefaf096c2ab5ba09b9cb29dbd442f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sun, 28 Aug 2022 10:13:32 GMT
server: nginx
etag: W/"630b3fcc-4e8e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 170ms
72ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37829df4b523a77765d8d1ec1e2d1b792ae654efe7c693c7ee5c89f4acba4fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49400
x-xss-protection: 0
server: cafe
etag: 12700833929253287695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 06:04:41 GMT

GET
H2 200 jquery.min.js Show response
instagramed.ru/tpl/js/ 94 KB
33 KB 164ms
161ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/js/jquery.min.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 00:04:24 GMT
server: nginx
etag: W/"5f9caa08-176f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 bootstrap.min.js Show response
instagramed.ru/tpl/js/ 36 KB
10 KB 149ms
148ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/js/bootstrap.min.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 00:04:24 GMT
server: nginx
etag: W/"5f9caa08-90b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 lazy.js Show response
instagramed.ru/tpl/js/ 2 KB
757 B 149ms
149ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/js/lazy.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

ec2b12fc8c9d57f2f2308f8944b22bddb6a79334d4a72385482a0eca180a94cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 00:04:24 GMT
server: nginx
etag: W/"5f9caa08-643"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 lozad.min.js Show response
instagramed.ru/tpl/js/ 3 KB
1 KB 164ms
162ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/js/lozad.min.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 09:35:30 GMT
server: nginx
etag: W/"602ce362-c17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 lozadstart.js Show response
instagramed.ru/tpl/js/ 478 B
515 B 164ms
162ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/js/lozadstart.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

fffcbea111dc195b3afe12252cf755e965e6d94c84a6bedd8675c592301f025f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 09:46:18 GMT
server: nginx
etag: W/"602ce5ea-1de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 jquery.mousewheel-3.0.6.pack.js Show response
instagramed.ru/assets/js/fancybox/ 1 KB
945 B 164ms
162ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/assets/js/fancybox/jquery.mousewheel-3.0.6.pack.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 01:22:46 GMT
server: nginx
etag: W/"5f9cbc66-574"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 jquery.fancybox.js Show response
instagramed.ru/assets/js/fancybox/ 48 KB
14 KB 164ms
163ms Script
application/javascript 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/assets/js/fancybox/jquery.fancybox.js

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 01:22:46 GMT
server: nginx
etag: W/"5f9cbc66-be42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 jquery.fancybox.css
instagramed.ru/assets/js/fancybox/ 5 KB
2 KB 111ms
110ms Stylesheet
text/css 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/assets/js/fancybox/jquery.fancybox.css

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/dilya-mac-os.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/dilya-mac-os.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 01:22:46 GMT
server: nginx
etag: W/"5f9cbc66-131f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 bgsh.jpg
instagramed.ru/tpl/images/ 75 KB
75 KB 97ms
97ms Image
image/jpeg 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://instagramed.ru/tpl/images/bgsh.jpg

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/tpl/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

9a96becc9aae33eb0e3036c6654a56967486260a8a1dcadd51241ec2cc7394ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/tpl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 04 Apr 2022 06:38:10 GMT
server: nginx
etag: "624a9252-12b16"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76566
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 iJWKBXyIfDnIV7nFrXyi0A.woff2
instagramed.ru/tpl/fonts/ 10 KB
11 KB 100ms
100ms Font
font/woff2 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/fonts/iJWKBXyIfDnIV7nFrXyi0A.woff2

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/tpl/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

7be407e0fbe01c52d593198f0020ce824873abc9150c088e547b795639440cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://instagramed.ru/tpl/css/style.css
Origin: https://instagramed.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 31 Oct 2020 00:04:21 GMT
server: nginx
etag: "5f9caa05-2980"
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10624
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
instagramed.ru/tpl/fonts/ 22 KB
22 KB 100ms
100ms Font
font/woff2 213.232.240.187
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://instagramed.ru/tpl/fonts/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: instagramed.ru
URL: https://instagramed.ru/tpl/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.232.240.187 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

srv.dalabu.ru

Software

nginx /

Resource Hash

dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://instagramed.ru/tpl/css/style.css
Origin: https://instagramed.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 31 Oct 2020 00:04:21 GMT
server: nginx
etag: "5f9caa05-5880"
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22656
expires: Fri, 16 Feb 2024 06:04:41 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
121 KB 84ms
84ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4223742104081029&plah=instagramed.ru&bust=31072479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a42be2177da934e8272a302caaaef7cedc397fa30dd3e46e2e9ad146a156f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123264
x-xss-protection: 0
server: cafe
etag: 11164869691038300013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 06:04:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 236D 10 KB
5 KB 78ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://instagramed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 18:23:46 GMT
etag: 10353107486223812946
expires: Wed, 01 Mar 2023 18:23:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 80ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=instagramed.ru&callback=_gfp_s_&client=ca-pub-4223742104081029

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4223742104081029&plah=instagramed.ru&bust=31072479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da43484f56b809a928504ef06e6bfd9c745346143363dec5f0c5280b1c418e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 151ms
58ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=instagramed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=instagramed.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 374F 23 KB
10 KB 196ms
195ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&h=280&slotname=9128289090&adk=2023025958&adf=837968023&pi=t.ma~as.9128289090&w=1170&fwrn=4&fwrnh=100&lmt=1676527481&rafmt=1&format=1170x280&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481577&bpp=3&bdt=255&idt=156&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=8296510465334&frm=20&pv=2&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bjMoBtdlFE&p=https%3A//instagramed.ru&dtd=175

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49044156892a937079a1bb6793deee3186e63c962c2d0b934f8f38d884e7d951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://instagramed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 06:04:41 GMT
expires: Thu, 16 Feb 2023 06:04:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F220 15 KB
5 KB 170ms
170ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&adk=1812271804&adf=3025194257&lmt=1676527481&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481590&bpp=1&bdt=268&idt=168&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=8296510465334&frm=20&pv=1&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=174

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

955a41356b0725ab44d7929ed1941565c5e1012e85d7418f534574d9a2f6300f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://instagramed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5273
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 06:04:41 GMT
expires: Thu, 16 Feb 2023 06:04:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 374F 3 KB
1 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&h=280&slotname=9128289090&adk=2023025958&adf=837968023&pi=t.ma~as.9128289090&w=1170&fwrn=4&fwrnh=100&lmt=1676527481&rafmt=1&format=1170x280&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481577&bpp=3&bdt=255&idt=156&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=8296510465334&frm=20&pv=2&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bjMoBtdlFE&p=https%3A//instagramed.ru&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 13:31:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 374F 20 KB
9 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 13:31:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 374F 156 KB
48 KB 928ms
873ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 06:04:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 374F 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQWhaecftY_3vL4mMzAaU1rdwyZ7SsVy96ZX3cMCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi00MjIzNzQyMTA0MDgxMDI5yAEJqQJFKCtUW-6xPqgDAaoE0AFP0Nq05hjYBjW4L0tjxkrCFYf4QcmsfzJKLsu_4clCELX0OyVEqmhhTyMyb0RA15RZ2O8Ha0ts-CpjUNwOVxdYKo4JKlB5POEG18Ecj1MzpH8bhwIqcr9nJZdTPNXGcU588kq6o-A-0E4n5YSqxDuzGtclmrTVfKSJlNORA61pxh0HO_sKdQjDK33sswqvaM2ef8v75Jiz0PyFSrxy9MvKzS9wyNKrjNmNjmZ3WnFMtnqy6CpW5X0_pu9f22ZXUgUGAQKm2kcL_0OT_dk5jumJgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQyMjM3NDIxMDQwODEwMjkYAA&sigh=9v5WxkLihRo&uach_m=[UACH]&cid=CAQSGwDUE5ymHuVhnpiayn6Cn7ir5_NxyFv8HH596hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&h=280&slotname=9128289090&adk=2023025958&adf=837968023&pi=t.ma~as.9128289090&w=1170&fwrn=4&fwrnh=100&lmt=1676527481&rafmt=1&format=1170x280&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481577&bpp=3&bdt=255&idt=156&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=8296510465334&frm=20&pv=2&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bjMoBtdlFE&p=https%3A//instagramed.ru&dtd=175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 06:04:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Feb 2023 06:04:42 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 374F 0
0 153ms
42ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RJIJmAKdg2ICAgAAAIM0RuVo0UsKEHnH7WNuQPWHpKGm-Z7N1wASAAAKDkFRVURBUVlCQVFFUEFR&wp=Y-3HeQAL9_0K0wYJAA3rFH7kqmhmgUEOhKR1Pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 204784
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BD05 173 KB
54 KB 378ms
141ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-3HeQAL9_0K0wYJAA3rFH7kqmhmgUEOhKR1Pw&u=%7CXVwwK6oKmGGw0CpF2TXwDHxbrLzs0tE6KvOars1epfM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_wNVu8Nsi-eucSjBjcwI-u5QJ_t2zjUsK3EBBuXBvkJvhfb3ho04RPoqyeSjt0BOeVz4KdpSntdP5Tnmw1ss0ImukV8eVkdU2xuynD90VHElaEHvG0vns1mhmfoeMVRrrNKkAxg3TZpegjNwsePxgRe25jspr0s5EhLPVKbJR1R_dyjZzRLV2KxGdB727vRydZ4liCpvq2bX-7O4dUn5RLhq4mbyp8DNGjHrurtjnGtXp0w7tRWV0p5k5lZzB6tobcXjubET2mWoN2ewTiRFOQQ7asLa6Q4lygxqlTiL_ReF6Hw3RarBj3jrZBvodtaP-T77DUUg7C4sb2hFUnMtosRo6cp-7O86KD3RDwljAyfGCZLQs7dbUB9BdjGRbTyQpNks02-2dp4EnKgnsdFq9vSiu0vhRIDziKdP1ftkw_nrHkHKrh2d_oi0iz61CVGpetLhqk3Rs45WFa3sBnxdvodsWXBGmWliC9JXkUEK07wBxj4PNDO6ZiGzPuhS6lpEBDcyS5XGc4rixNH5-VKxKg3C9gRftRmic6szoOzxK_z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCYt8ecftY_3vL4mMzAaU1rdwyZ7SsVy96ZX3cMCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi00MjIzNzQyMTA0MDgxMDI5yAEJqQJFKCtUW-6xPqgDAaoE0wFP0Nq05hjYBjW4L0tjxkrCFYf4QcmsfzJKLsu_4clCELX0OyVEqmhhTyMyb0RA15RZ2O8Ha0ts-CpjUNwOVxdYKo4JKlB5POEG18Ecj1MzpH8bhwIqcr9nJZdTPNXGcU588kq6o-A-0E4n5YSqxDuzGtclmrTVfKSJlNORA61pxh0HO_sKdQjDK33sswqvaM2ef8v75Jiz0PyFSrxy9MvKzS9wyNKrjNmNjiR1e-PLOeahV7ZCRq0CABdWz2zhWCseg7Zu5-H5QF2_5VyTCvo20Ii8gAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_258bM6TdUs0IzLPYwguvjkETF0EA%26client%3Dca-pub-4223742104081029%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

367fdcc0be2d2ee77c74a57293b4cdf6066bdd606066e650aefb8779fd1fbb4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 06:04:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0vGCrgEfDZrhzgsdUYJwbOfU7DSCydxKBpkiWLMyvdXnKL8K3JR8EkzT6NetsJVhO3pVN64uaWseeAcQKh-Js7b68ZocJYPZAasCle-vOn4y7ZnmeE0ct6eQW_0rrkGqLHOiceB-OJVsvNcVGkA61-TmwC_xmF5uj48y8fPX1fDpVT8t0cskbQeKv4Pkm8Ktnh64UdrKKQ2IFmIKOIDlMvsOP0QVjdokIvH790jmutstS4wokgZjv8pNrQUh34uaPe0Jzg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 102344570
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 374F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf6153f14aaa07394ebbae94e6f2cb1f83259f64eeeb073e37c3141059cffe83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BD05 2 KB
1 KB 322ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-3HeQAL9_0K0wYJAA3rFH7kqmhmgUEOhKR1Pw&u=%7CXVwwK6oKmGGw0CpF2TXwDHxbrLzs0tE6KvOars1epfM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_wNVu8Nsi-eucSjBjcwI-u5QJ_t2zjUsK3EBBuXBvkJvhfb3ho04RPoqyeSjt0BOeVz4KdpSntdP5Tnmw1ss0ImukV8eVkdU2xuynD90VHElaEHvG0vns1mhmfoeMVRrrNKkAxg3TZpegjNwsePxgRe25jspr0s5EhLPVKbJR1R_dyjZzRLV2KxGdB727vRydZ4liCpvq2bX-7O4dUn5RLhq4mbyp8DNGjHrurtjnGtXp0w7tRWV0p5k5lZzB6tobcXjubET2mWoN2ewTiRFOQQ7asLa6Q4lygxqlTiL_ReF6Hw3RarBj3jrZBvodtaP-T77DUUg7C4sb2hFUnMtosRo6cp-7O86KD3RDwljAyfGCZLQs7dbUB9BdjGRbTyQpNks02-2dp4EnKgnsdFq9vSiu0vhRIDziKdP1ftkw_nrHkHKrh2d_oi0iz61CVGpetLhqk3Rs45WFa3sBnxdvodsWXBGmWliC9JXkUEK07wBxj4PNDO6ZiGzPuhS6lpEBDcyS5XGc4rixNH5-VKxKg3C9gRftRmic6szoOzxK_z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCYt8ecftY_3vL4mMzAaU1rdwyZ7SsVy96ZX3cMCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi00MjIzNzQyMTA0MDgxMDI5yAEJqQJFKCtUW-6xPqgDAaoE0wFP0Nq05hjYBjW4L0tjxkrCFYf4QcmsfzJKLsu_4clCELX0OyVEqmhhTyMyb0RA15RZ2O8Ha0ts-CpjUNwOVxdYKo4JKlB5POEG18Ecj1MzpH8bhwIqcr9nJZdTPNXGcU588kq6o-A-0E4n5YSqxDuzGtclmrTVfKSJlNORA61pxh0HO_sKdQjDK33sswqvaM2ef8v75Jiz0PyFSrxy9MvKzS9wyNKrjNmNjiR1e-PLOeahV7ZCRq0CABdWz2zhWCseg7Zu5-H5QF2_5VyTCvo20Ii8gAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_258bM6TdUs0IzLPYwguvjkETF0EA%26client%3Dca-pub-4223742104081029%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BD05 2 KB
1 KB 318ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BD05 308 B
636 B 318ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BD05 293 B
621 B 318ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame BD05 43 B
348 B 106ms
32ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ojNFJVpK7UNOzZVT8RZfYtdX4rAMHNJwBu--vxq6kdUH31BoDBdpvuPdlkF9C3uv7GMFt88zNwxIrIuIicRkNaJz3FSgzfZvSOwvPHncrv_28SuBP_3bLQEHwsnFAuNA6eh5yZoW3b7ZZZCghcr7U4X-0yAvdTwuKApdA4waImNE_7Cp0jDcDe2wK9VzGRuLJ0312DHm0YnKV7QKlGqdoRIdT7srlxvPnFPhUD90SsqPwpL69d340DVOxVMHE4btZahyMkaAZSMu-B8uC-eX6CHH4xaww3dWkFwRpHnq_rzRTO4etMYX_D6DCdvIXJZFksklmuiiPTVGMsf7yD05rCaCEVt7v4MrDrnUWPXWIX-Rve9tRzX6Cend-U1uT3drRGdiJerC_gyFrZsSmQ_P7c9UDNab9F2YP-Nxjw9CEKYH6whP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3490988
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BD05 12 KB
5 KB 78ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2606721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hLX2tKo2Ma8OyMt5EZm4rYZ4kMJfL2Ml5q8bikp0MCQFLMMftYZvO6e2ZHbLliKeM4d8cVWY%2BIz%2BqLsI%2BgbMIDoZIdEcTSjMIcgfBN3VCKArautY6g%2FwxxUWZmC%2F0Idpl%2FgVOqndoWdFUl2c4ouI8m5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79a4165d4dbfbb67-FRA
expires: Tue, 06 Feb 2024 06:04:42 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame BD05 46 KB
46 KB 317ms
58ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame BD05 38 KB
38 KB 353ms
94ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BD05 12 KB
6 KB 39ms
38ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 69 KB
70 KB 163ms
55ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=518&s=qtE8ztIojx4ceRogNh7PA9PG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ea44e24bde143682df3c5b18862c5e197954494b954609e81a84933a8bbd3c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29272053
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 71154
expires: Sun, 21 Jan 2024 01:12:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 62 KB
63 KB 173ms
66ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2F71409a64baf248aca03b351b9195ce6d_img_horizontal_1.jpg&v=3&w=1200&s=KA_nDUJEBJWiZ1S55oDpFXKD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29050671
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63762
expires: Thu, 18 Jan 2024 11:42:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 7 KB
8 KB 196ms
89ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544803151%2F18300358-BQBk5bjM.jpg&v=3&w=400&s=7q9r08ZyY2ZjqaZMxEethEAi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=436015
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 21 Feb 2023 07:11:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 6 KB
6 KB 135ms
28ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22247504-lw7f96bi.jpg&v=3&w=400&s=6cHdNp0nuIfBIvURRt1fOTto&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b3265ec0ad58bbe316c0c4d0cc6ee7902152f35c5d5c96b0eef09d59d8503ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5363
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5648
expires: Thu, 16 Feb 2023 07:34:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 11 KB
12 KB 188ms
81ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1662530955%2F22203999-pPzqCdpV.jpg&v=3&w=400&s=RISYjSZdOh4Trz_jabRnb-xC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

277c5b5baa90e089f5e8f68541933dfa3bc41568e0787954677a093ecb512c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30282
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11766
expires: Thu, 16 Feb 2023 14:29:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 32 KB
32 KB 220ms
113ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1671483602%2F22247538-DJ25p0aT.jpg&v=3&w=400&s=otwsd46JiE5B3EdeOYO-cm_y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c3ac8b4f815fea78c0b388cd1bb80d575ceb76a1cdaad18ac2854817a06c4962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4584
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32320
expires: Thu, 16 Feb 2023 07:21:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 26 KB
26 KB 39ms
38ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20266421-SFFeKXd4.jpg&v=3&w=400&s=pDUTbeGSX7guL1Uy7IrgBgd0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=460227
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 21 Feb 2023 13:55:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 26 KB
26 KB 42ms
41ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1574680618%2F19350041-HdGURvFq.jpg&v=3&w=400&s=s7Y8hkE3oxHedDFEuqXS2Lt2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

25e30933661da74c924c50e285b5b062c7efc697c07c320eb37df35ebbf97e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=197664
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26426
expires: Sat, 18 Feb 2023 12:59:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 7 KB
7 KB 58ms
57ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1580993547%2F12111736-P6LyaHEn.jpg&v=3&w=400&s=XEmMv5t3FAlgWtLhLCl50JRS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d3b8194178341cabda7f111c7ed67c4ce117811c397c3d5ae6c5c5d0d8d037ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=176701
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6742
expires: Sat, 18 Feb 2023 07:09:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 54 KB
54 KB 51ms
50ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1657012338%2F22147267-5fqMNGb4.jpg&v=3&w=400&s=SlN_rI4LJSIVagXRvtjYjGZs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

de39b46e328ed2ee2c068993925426b988fee69bb793363a2fadcebad8121650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=603319
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 55468
expires: Thu, 23 Feb 2023 05:40:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 11 KB
11 KB 49ms
48ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21058995-aLlSfOy1.jpg&v=3&w=400&s=RziDElrWc-OxgA7nMRia0atT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5979eefe63a3d4826db0e54526fd56af17217961bf0ee4cefeeb705e3915e7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=467398
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10992
expires: Tue, 21 Feb 2023 15:54:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 9 KB
9 KB 43ms
42ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1573478455%2F19305485-Eyk2dNTp.jpg&v=3&w=400&s=clGqG9peNAg-I2yiIhVl_pcN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=460802
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9320
expires: Tue, 21 Feb 2023 14:04:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 17 KB
17 KB 50ms
49ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19026544-7dMKeo34.jpg&v=3&w=400&s=k4XWukjPUSJAZMnBVXDDyOqa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bbaf0008de2e4bc67234574db19bcad720be615db83b520ace07b38d3f337d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=544637
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16916
expires: Wed, 22 Feb 2023 13:21:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD05 6 KB
6 KB 47ms
46ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22272395-m0ULgskY.jpg&v=3&w=400&s=QBcykATsfApeYK3564y8xg8Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e0e2174879763a941e6d7112ac9dfc9081722997c859d415bb75f895b501ada7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=117788
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5998
expires: Fri, 17 Feb 2023 14:47:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BD05 0
128 B 300ms
48ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=0vGCrgEfDZrhzgsdUYJwbOfU7DSCydxKBpkiWLMyvdXnKL8K3JR8EkzT6NetsJVhO3pVN64uaWseeAcQKh-Js7b68ZocJYPZAasCle-vOn4y7ZnmeE0ct6eQW_0rrkGqLHOiceB-OJVsvNcVGkA61-TmwC_xmF5uj48y8fPX1fDpVT8t0cskbQeKv4Pkm8Ktnh64UdrKKQ2IFmIKOIDlMvsOP0QVjdokIvH790jmutstS4wokgZjv8pNrQUh34uaPe0Jzg&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Feb 2023 06:04:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BD05 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BD05 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:04:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 139ms
67ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230213&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93d108ff404d55d5fb096f8160c9612e95d466ebdd50f5f4cfc15db88c73cfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11215
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 06:04:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4238 13 KB
5 KB 23ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://instagramed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 22:10:50 GMT
expires: Thu, 15 Feb 2024 22:10:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8015 783 B
1 KB 85ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ac58e583cac96a3cca09f48a071b7dde29f436e845033e54735bce07bcc0ae5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q47H9UArgSwdob6eYD9APg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://instagramed.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Q47H9UArgSwdob6eYD9APg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 06:04:43 GMT
expires: Thu, 16 Feb 2023 06:04:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4238 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 06:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 06:22:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8015 0
0 69ms
68ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230213&jk=4477886171755172&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4238 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tw-tEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:04:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame BD05 0
127 B 49ms
49ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Feb 2023 06:04:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
70ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230213&jk=4477886171755172&bg=!CwilCFzNAAYuhb89DoU7ADkAdvg8WsRBKYW1pbt0rpYu_6xQyTpriF0WsN3TPZbf-577GfXdEewo8B0QYvgg0u5lU0dnbuQ8a9kCAAAAVlIAAAADaAEHCgBLyCXUg96305ZH7Uh7NOWjCTiaKYmBUpJQ87OdpAomyDc2pSonOe0QQ7EmsnTkTlsK0YxkSeDUvyZShIys86MuZekn1YtHvvdj5MgpmQLRUQWGZBr_2W_BgfpuHC8X5SvTHxL_T1EMdGT0cjy5N1LnLmS3JonBAUhmD-S-WH_KbXaN0cz7mvkuVoden94FnP4KwDlYnfMHm5qLeHHsYnNGrdxfmpoinaEl-uLGEmV_dXeIlnxafed_j0LM3uhjUnOuIwFmFTXShxwgJ085AxHKi1edozhu0yG0w7PmIccTyFGAzxEDA_7Nwy7t3RSM-oE15lOuE0-7sKP0GUYbas3w4wP1mQSc6R4tcG7q76SjoPVV_CrH6GET0lHnFFnjoDKd6-IQGMbZMrgC-Trhh0kXiHh1cckFGfuFLwUtbdqWxPlSO8i_fFUOA5xv5HGkkqP2YjMyKJJ0B_G_hlb5AMdGUDUJmg7weXyJsHAys0t8UkaCXz9Act4qRrUy7UCkW2IgdxGQ5DqPgz2P90hm_fUOMMsdrXF9wyq_xnPOP1sgXSrfTUlcFYxLeKaSJNEAKbgxJh0zePaYlbkqr_ALfUHDMuGDL_jFZfeJ1lHvvl0j6azYVGr5iTHJV8hLloDU5T5EYid9LiWGIMgccO1Dip17srMlyza2ox-4Xs-DXxGhsclxGCeLbNd427He0oW4pD7M97NRLjo3M4TBESbMl80KXM3xAQ-QqbrXvFf-14iLfSiWlgnDTwofwRdXgZeVUSs4d03ZTedGacHX_r_6lkunuBYj2XATjHmWlmd668Gg-l4tlGuinBhgz_F-MOyXOthYxEmW5qze7bTD6rnuruk31OQ4ii0JJ6Rn_2A1QuNUtH4dBn4bIskSYj4GRVf58curkgQsKkGcmfUZLdBCYnlXIpfGrS1zCrMwBWmLMdc3JwvVJpBZYTP5mBDY9ydveoImnbX1tafg3SEU7wausqVL0HS3gRxj0W4ggkohFOANrottcmwg5pFdp2YwDQ8HF6MXiv66dK9b8tuNN8qL20uz1B2bI_-DsxQtGfe1YIJL-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instagramed.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 374F 42 B
64 B 68ms
67ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNLMiT_jzU_tKLpSARG0n_o7jBXkkftf0tqhsDYROAJbhh4IqxmNV4DxH5iy-jJkyE6i5_MvcrejiXr0i6FDRGmFQ&sig=Cg0ArKJSzDO12-v0cOuvEAE&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2023025958&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676527481753&rpt=1196&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 06:04:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
instagramed.ru/	1969-12-31 23:59:59	Name: evo17mfnqq Value: vj998i8vcvqovj38pmqmap1lr3
.instagramed.ru/	1970-01-20 19:03:43	Name: __gads Value: ID=9397c23ecdce20a1-22cac21d8edc0018:T=1676527481:RT=1676527481:S=ALNI_MbnyBxd74aFrz7CKTTQY7kgVQLvFw
.instagramed.ru/	1970-01-20 19:03:43	Name: __gpi Value: UID=00000bb74c31b46a:T=1676527481:RT=1676527481:S=ALNI_MYfr_tYgL_yDslZWozgKdYuQNk3Jg
.doubleclick.net/	1970-01-20 19:03:43	Name: IDE Value: AHWqTUm0iuiDuBJ1F5Y8T4_lN99z-9KOafhxdp8BHAyuLnqVL7jabcWW7zf4k7KXD9c

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://instagramed.ru/dilya-mac-os.html Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4223742104081029&output=html&h=280&slotname=9128289090&adk=2023025958&adf=837968023&pi=t.ma~as.9128289090&w=1170&fwrn=4&fwrnh=100&lmt=1676527481&rafmt=1&format=1170x280&url=https%3A%2F%2Finstagramed.ru%2Fdilya-mac-os.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676527481577&bpp=3&bdt=255&idt=156&shv=r20230213&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=8296510465334&frm=20&pv=2&ga_vid=1316702638.1676527482&ga_sid=1676527482&ga_hid=1168734971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071643%2C31072479%2C31071269&oid=2&pvsid=4477886171755172&tmod=1694353492&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bjMoBtdlFE&p=https%3A//instagramed.ru&dtd=175 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
instagramed.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
178.250.2.148
213.232.240.187
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400d:803::2002
2a00:1450:400d:80c::2002
2a02:2638:1::4
2a02:2638:1::8
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638::3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac58e583cac96a3cca09f48a071b7dde29f436e845033e54735bce07bcc0ae5
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
25e30933661da74c924c50e285b5b062c7efc697c07c320eb37df35ebbf97e34
277c5b5baa90e089f5e8f68541933dfa3bc41568e0787954677a093ecb512c92
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
367fdcc0be2d2ee77c74a57293b4cdf6066bdd606066e650aefb8779fd1fbb4d
37829df4b523a77765d8d1ec1e2d1b792ae654efe7c693c7ee5c89f4acba4fbc
48a487738ddee46416a0d274d5c01eebefaf096c2ab5ba09b9cb29dbd442f441
49044156892a937079a1bb6793deee3186e63c962c2d0b934f8f38d884e7d951
4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5979eefe63a3d4826db0e54526fd56af17217961bf0ee4cefeeb705e3915e7bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a42be2177da934e8272a302caaaef7cedc397fa30dd3e46e2e9ad146a156f88
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7be407e0fbe01c52d593198f0020ce824873abc9150c088e547b795639440cd4
7e49617a8ac3a6d3a5f620d985b815aeee2979e36025a28aa7908e6ba7410a61
89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93d108ff404d55d5fb096f8160c9612e95d466ebdd50f5f4cfc15db88c73cfe9
955a41356b0725ab44d7929ed1941565c5e1012e85d7418f534574d9a2f6300f
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9a96becc9aae33eb0e3036c6654a56967486260a8a1dcadd51241ec2cc7394ca
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b3265ec0ad58bbe316c0c4d0cc6ee7902152f35c5d5c96b0eef09d59d8503ca2
bbaf0008de2e4bc67234574db19bcad720be615db83b520ace07b38d3f337d63
c2264f9ea021b09971ebee24d75bcdb8a517dce219c0cf1ad9fc543151760742
c3ac8b4f815fea78c0b388cd1bb80d575ceb76a1cdaad18ac2854817a06c4962
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf6153f14aaa07394ebbae94e6f2cb1f83259f64eeeb073e37c3141059cffe83
d3b8194178341cabda7f111c7ed67c4ce117811c397c3d5ae6c5c5d0d8d037ce
da43484f56b809a928504ef06e6bfd9c745346143363dec5f0c5280b1c418e09
dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13
de39b46e328ed2ee2c068993925426b988fee69bb793363a2fadcebad8121650
e0e2174879763a941e6d7112ac9dfc9081722997c859d415bb75f895b501ada7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea44e24bde143682df3c5b18862c5e197954494b954609e81a84933a8bbd3c18
eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
ec2b12fc8c9d57f2f2308f8944b22bddb6a79334d4a72385482a0eca180a94cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fffcbea111dc195b3afe12252cf755e965e6d94c84a6bedd8675c592301f025f

instagramed.ru Open in urlscan Pro 213.232.240.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

88 %IPv6

10 Domains

16 Subdomains

17 IPs

5 Countries

985 kBTransfer

1885 kBSize

4 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

instagramed.ru Open in urlscan Pro
213.232.240.187 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

16
Subdomains

17
IPs

5
Countries

985 kB
Transfer

1885 kB
Size

4
Cookies

64 HTTP transactions
1 data transactions