siv.cc Open in urlscan Pro
166.0.254.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://12893.com/
Effective URL:
http://siv.cc/domain/12893.com
Submission: On December 04 via api (December 4th 2023, 4:20:12 am UTC) from BY — Scanned from DE

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 43 HTTP transactions. The main IP is 166.0.254.251, located in Idabel, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is siv.cc.

This is the only time siv.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	166.0.254.251 166.0.254.251	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2408:8710:102... 2408:8710:1020:78:3::393	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	121.5.110.244 121.5.110.244	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
43	18

3 166.0.254.251 (Idabel, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)

12893.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siv.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8710:1020:78:3::393 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

s23.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.5.110.244 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

tj.fopy.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	62 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	239 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	50 KB
2	siv.cc siv.cc	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	80 KB
1	fopy.cn tj.fopy.cn	979 B
1	cnzz.com s23.cnzz.com — Cisco Umbrella Rank: 379797	552 B
1	12893.com 1 redirects 12893.com	207 B
43	12

	Domain	Requested by
7	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	siv.cc pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	siv.cc www.google-analytics.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	siv.cc	siv.cc
1	www.google.com	tpc.googlesyndication.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	tj.fopy.cn	siv.cc
1	s23.cnzz.com	siv.cc
1	12893.com	1 redirects
43	18

This site contains links to these domains. Also see Links.

Domain
7808.net
haoip.cn

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tj.fopy.cn Encryption Everywhere DV TLS CA - G1	`2023-08-14` - `2024-08-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://siv.cc/domain/12893.com
Frame ID: C353D192A8AD7219DFDB9A17E3791FEC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 133FD331CD4E5CE74112AB1CA5C2AB6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&h=280&slotname=8211871142&adk=1607395873&adf=3017137674&pi=t.ma~as.8211871142&w=400&fwrn=4&fwrnh=100&lmt=1701663608&rafmt=1&format=400x280&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1701663608231&bpp=6&bdt=145&idt=101&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&correlator=6000427846903&frm=20&pv=2&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=838&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=113
Frame ID: EE6FDBAE63F6C35259821F7EBA7E0F7E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&adk=1812271804&adf=3025194257&lmt=1701663608&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslmct=0.6&asamct=0.6&dt=1701663608239&bpp=2&bdt=152&idt=113&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&nras=1&correlator=6000427846903&frm=20&pv=1&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=122
Frame ID: 21525DDAB00DFC0C17853330E31E7F29
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW1TeAAFj9wHg5LgAAspLhPV2L-be_B9Bb_4mg&u=%7CVz%2F3gfJxhFWPKdlrr5NIAYFa1hl8X2rE1OjCiYBBj%2B8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866lgAAKCDmYuWY0JMQcr6vJrB3Aw3bPa6SCkuZ62S-DkaKOkoecvgE2l1ed9hTSz1tE1YtuJ5BsTT2wZIWh2DtQD23PI15ihBlTUzeOgZcUBg5Uvu9iJOdZ_fWb8fV9MIUkRybHDnsncrhfMp2t9-xsSeYm7OAI58kaMzNRJOA5-9xqSexFr_5yHXt6epwfliWbn20Y8zlA_Ji4pgatr2viS0VCz9Oh0oRhgRo3BDSTa4Jh-uThzT0PfDguBH3O7NbBSaUPqAnGKNMTgBQt8Q2JM6JGN9eFwkAa0tqe1MBgj9-RTMLJiCnqQ8F3PEyFaqTcJG9AjZ0KH70j2BU10s_WrQEFvBhujusEP6lpMZJr0eSYNNEYEwr0tlDuMdrpJ7Sb-qONnoCkRE0t9Gx3kI8djq_vt4qdB35SMLdd0HYPh46_mvuaoDGkn0EoAqE0CO74o_DIcNJyPYUcsjcCEdJICd_MPnRGQI6gmvIeEdMJq3SE8MDKYsTdFCGnY7Hi_DivQ9qedcNO6t8VsBeuX6kgKJSndptcPOYhEXPe_7Cq6pfDBlVtXxgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6qhJeFNtZdyfFuCljuwPrtKs-APJntKxXM2G49aTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi05NjI3MDEyMjkxMDE4ODI3yAEJqQKHFnI5ikKyPqgDAcgDAqoEvwFP0DckjZxOlIKwnr6DuFAliZ-DDH2MaoAqFC2XM1MaEzxs5yQPgXD2KaYO1sdXpe671hWUZAHYNr0ANbrP_CiGXXHnGW3Qq6DzUxiKbn8GqTlT-F0mGbXxdwwidXoxIx5HZATNamYSnnmZg-zw3z5MtgzyUUKmWGhiuFlTWtHXFL-IWejQUHN6T3vHBzA44HnOZT0piUbErluIT-ekuFj9eoTtRbBpHiOJog6zXVAGoyxClhXnwMWuBPd8wMpMWYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLyhnff29IID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tE3IMwbTuntQs3QzgmraRk07rnA%26client%3Dca-pub-9627012291018827%26adurl%3D
Frame ID: 4032A89E58BF6E2736AF444B116AC574
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77DBFCB2AA7B7544B7B76DC9074A42CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01B4D3A75A5B369038F9C46F162D7497
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

12893.com - 四维米表

Page URL History Show full URLs

http://12893.com/ HTTP 302
http://siv.cc/domain/12893.com Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

43
Requests

86 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

541 kB
Transfer

1405 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://7808.net/12893.com
Title: 查询Whois

Search URL Search Domain Scan URL

URL: http://haoip.cn/
Title: 好IP在线工具

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://12893.com/ HTTP 302
http://siv.cc/domain/12893.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 8

http://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=view&ea=outside&el=12893.com&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1982867681.1701663608&tid=UA-66539489-1&_gid=966567283.1701663608&z=1858981218 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=view&ea=outside&el=12893.com&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1982867681.1701663608&tid=UA-66539489-1&_gid=966567283.1701663608&z=1858981218

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 12893.com Show response
siv.cc/domain/
Redirect Chain

http://12893.com/
http://siv.cc/domain/12893.com

8 KB
3 KB

1891ms
143ms

Document
text/html

166.0.254.251
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://siv.cc/domain/12893.com
Protocol: HTTP/1.1
Server: 166.0.254.251 Idabel, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 982a11fda1e55321d4ca8cdae9195eb9b6d484822a64dad4364e661e1ecfc3df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 04 Dec 2023 04:20:08 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html;charset=utf-8
Date: Mon, 04 Dec 2023 04:20:06 GMT
Location: http://siv.cc/domain/12893.com
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK main.css
siv.cc/style/ 3 KB
1 KB 142ms
142ms Stylesheet
text/css 166.0.254.251
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://siv.cc/style/main.css
Requested by: Host: siv.cc
URL: http://siv.cc/domain/12893.com
Protocol: HTTP/1.1
Server: 166.0.254.251 Idabel, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d65024656f108939ae3657197fbe1808ef26f4376fe8c010318b9fd034b311

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/domain/12893.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 04:20:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Feb 2019 10:21:13 GMT
Server: nginx
ETag: W/"5c6fcd19-b60"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 04 Dec 2023 16:20:08 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
55 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: siv.cc
URL: http://siv.cc/domain/12893.com

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ba1a006967159889b49ca0c55fc8fd9cf79a4b501be04a13e390c1a0505576d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 04:20:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 55802
X-XSS-Protection: 0
Server: cafe
ETag: 3069733917216306130
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 04 Dec 2023 04:20:08 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 133F 9 KB
4 KB 35ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://siv.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 68ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9627012291018827&plah=siv.cc

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9628d560d53636ca6c940f0f2548645a060bc0a97b076f7e524d5afc28c3a0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137670
x-xss-protection: 0
server: cafe
etag: 8006336050431723154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:20:08 GMT

GET
H/1.1 200
OK stat.php Show response
s23.cnzz.com/ 0
552 B 1541ms
419ms Script
text/plain 2408:8710:1020:78:3::393
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://s23.cnzz.com/stat.php?id=4099811&web_id=4099811
Requested by: Host: siv.cc
URL: http://siv.cc/domain/12893.com
Protocol: HTTP/1.1
Server: 2408:8710:1020:78:3::393 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:09 GMT
content-encoding: gzip
Via: cache2.l2ea120-8[47,47,200-0,M], cache27.l2ea120-8[48,0], cache5.cn4961[126,126,200-0,M], cache13.cn4961[128,0]
Server: Tengine
Age: 0
X-Swift-CacheTime: 90
vary: accept-encoding
Ali-Swift-Global-Savetime: 1701663609
X-Cache: MISS TCP_MISS dirn:-2:-2
cache-control: public, max-age=90
Connection: keep-alive
X-Swift-SaveTime: Mon, 04 Dec 2023 04:20:09 GMT
Timing-Allow-Origin: *
Content-Length: 20
EagleId: 7d27672117016636094783357e

GET
H2 200 stats.js Show response
tj.fopy.cn/ 2 KB
979 B 2309ms
197ms Script
application/javascript 121.5.110.244
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.fopy.cn/stats.js

Requested by

Host: siv.cc
URL: http://siv.cc/domain/12893.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.5.110.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

86a5ea62a903307f642b587448630a2bda187a185e439e897c8cc5b89843a3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 07:19:51 GMT
server: nginx
etag: W/"5bd16e97-7ca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8,gbk
cache-control: max-age=43200
expires: Mon, 04 Dec 2023 16:20:10 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

27ms
6ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: siv.cc
URL: http://siv.cc/domain/12893.com

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 02:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6508
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 04:31:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
152 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1185426705&t=pageview&_s=1&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1219974519&gjid=1131180442&cid=1982867681.1701663608&tid=UA-66539489-1&_gid=966567283.1701663608&_r=1&_slc=1&z=829187513

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8fe8aad18e9e17812cc5a077bfa5bde104694794450d3341a3eb68ddf1911dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://siv.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:20:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://siv.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&s...
https://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&...

35 B
194 B

7ms
6ms

Image
image/gif

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=view&ea=outside&el=12893.com&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1982867681.1701663608&tid=UA-66539489-1&_gid=966567283.1701663608&z=1858981218

Requested by

Host: siv.cc
URL: http://siv.cc/domain/12893.com

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 12:30:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57006
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j101&a=1185426705&t=event&_s=2&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ul=en-us&de=UTF-8&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=view&ea=outside&el=12893.com&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1982867681.1701663608&tid=UA-66539489-1&_gid=966567283.1701663608&z=1858981218
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 43ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GQJK1XKR4G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2427e7fa01bec6675fec2ceda092c69bba035f909b6d391253c9cb3ca362ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 04:20:08 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE6F 36 KB
15 KB 226ms
226ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&h=280&slotname=8211871142&adk=1607395873&adf=3017137674&pi=t.ma~as.8211871142&w=400&fwrn=4&fwrnh=100&lmt=1701663608&rafmt=1&format=400x280&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1701663608231&bpp=6&bdt=145&idt=101&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&correlator=6000427846903&frm=20&pv=2&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=838&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=113

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9627012291018827&plah=siv.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae305c67589be3a4dad6a8204344de258698a0dfa56dc40d10f43c159a3f1431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://siv.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14662
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:20:08 GMT
expires: Mon, 04 Dec 2023 04:20:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2152 0
171 B 17ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&adk=1812271804&adf=3025194257&lmt=1701663608&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslmct=0.6&asamct=0.6&dt=1701663608239&bpp=2&bdt=152&idt=113&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&nras=1&correlator=6000427846903&frm=20&pv=1&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://siv.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:20:08 GMT
expires: Mon, 04 Dec 2023 04:20:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GQJK1XKR4G&gtm=45je3bt0v9110501374&_p=1701663608300&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1982867681.1701663608&_eu=ABAI&_s=1&dl=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&dt=12893.com%20-%20%E5%9B%9B%E7%BB%B4%E7%B1%B3%E8%A1%A8&sid=1701663608&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5636
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GQJK1XKR4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:20:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://siv.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EE6F 3 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&h=280&slotname=8211871142&adk=1607395873&adf=3017137674&pi=t.ma~as.8211871142&w=400&fwrn=4&fwrnh=100&lmt=1701663608&rafmt=1&format=400x280&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1701663608231&bpp=6&bdt=145&idt=101&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&correlator=6000427846903&frm=20&pv=2&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=838&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:44:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EE6F 20 KB
9 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE6F 202 KB
64 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:20:08 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4032 148 KB
49 KB 82ms
57ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW1TeAAFj9wHg5LgAAspLhPV2L-be_B9Bb_4mg&u=%7CVz%2F3gfJxhFWPKdlrr5NIAYFa1hl8X2rE1OjCiYBBj%2B8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866lgAAKCDmYuWY0JMQcr6vJrB3Aw3bPa6SCkuZ62S-DkaKOkoecvgE2l1ed9hTSz1tE1YtuJ5BsTT2wZIWh2DtQD23PI15ihBlTUzeOgZcUBg5Uvu9iJOdZ_fWb8fV9MIUkRybHDnsncrhfMp2t9-xsSeYm7OAI58kaMzNRJOA5-9xqSexFr_5yHXt6epwfliWbn20Y8zlA_Ji4pgatr2viS0VCz9Oh0oRhgRo3BDSTa4Jh-uThzT0PfDguBH3O7NbBSaUPqAnGKNMTgBQt8Q2JM6JGN9eFwkAa0tqe1MBgj9-RTMLJiCnqQ8F3PEyFaqTcJG9AjZ0KH70j2BU10s_WrQEFvBhujusEP6lpMZJr0eSYNNEYEwr0tlDuMdrpJ7Sb-qONnoCkRE0t9Gx3kI8djq_vt4qdB35SMLdd0HYPh46_mvuaoDGkn0EoAqE0CO74o_DIcNJyPYUcsjcCEdJICd_MPnRGQI6gmvIeEdMJq3SE8MDKYsTdFCGnY7Hi_DivQ9qedcNO6t8VsBeuX6kgKJSndptcPOYhEXPe_7Cq6pfDBlVtXxgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6qhJeFNtZdyfFuCljuwPrtKs-APJntKxXM2G49aTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi05NjI3MDEyMjkxMDE4ODI3yAEJqQKHFnI5ikKyPqgDAcgDAqoEvwFP0DckjZxOlIKwnr6DuFAliZ-DDH2MaoAqFC2XM1MaEzxs5yQPgXD2KaYO1sdXpe671hWUZAHYNr0ANbrP_CiGXXHnGW3Qq6DzUxiKbn8GqTlT-F0mGbXxdwwidXoxIx5HZATNamYSnnmZg-zw3z5MtgzyUUKmWGhiuFlTWtHXFL-IWejQUHN6T3vHBzA44HnOZT0piUbErluIT-ekuFj9eoTtRbBpHiOJog6zXVAGoyxClhXnwMWuBPd8wMpMWYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLyhnff29IID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tE3IMwbTuntQs3QzgmraRk07rnA%26client%3Dca-pub-9627012291018827%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c944f4fc00836b833b97089d141e68ab6e27a2ec777dc1f18c5d7069a92c482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:20:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=T2APBYE8mr5CUazPYeBCJU5YHV0GJBJZ-5aDcASqijMfk14mmW5rGXNfDiH1eEm_6Hv084vRH63z3jIOSEMskTlU6DroiH_VzqlTiCpgvLXPdGE4CU68jFjMLOUY94nKCSkNccfiF5Nc2AiBeFRb1UuDw11sXs1FLe-vLTr7oXzkIODk6W2YMaeZQueOJUxXC8gJE8JABzqowYqbdpLcxNCoOqwaFYJrTl-kdctyTkWwb5dQKY7dwz4tPD_fKuMRB7OHvQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42741353
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame EE6F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0fe22926d8f2d816d4781b30691d50f5694f1e5cfd22e97818b5e9aa0269cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4032 2 KB
1 KB 39ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW1TeAAFj9wHg5LgAAspLhPV2L-be_B9Bb_4mg&u=%7CVz%2F3gfJxhFWPKdlrr5NIAYFa1hl8X2rE1OjCiYBBj%2B8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866lgAAKCDmYuWY0JMQcr6vJrB3Aw3bPa6SCkuZ62S-DkaKOkoecvgE2l1ed9hTSz1tE1YtuJ5BsTT2wZIWh2DtQD23PI15ihBlTUzeOgZcUBg5Uvu9iJOdZ_fWb8fV9MIUkRybHDnsncrhfMp2t9-xsSeYm7OAI58kaMzNRJOA5-9xqSexFr_5yHXt6epwfliWbn20Y8zlA_Ji4pgatr2viS0VCz9Oh0oRhgRo3BDSTa4Jh-uThzT0PfDguBH3O7NbBSaUPqAnGKNMTgBQt8Q2JM6JGN9eFwkAa0tqe1MBgj9-RTMLJiCnqQ8F3PEyFaqTcJG9AjZ0KH70j2BU10s_WrQEFvBhujusEP6lpMZJr0eSYNNEYEwr0tlDuMdrpJ7Sb-qONnoCkRE0t9Gx3kI8djq_vt4qdB35SMLdd0HYPh46_mvuaoDGkn0EoAqE0CO74o_DIcNJyPYUcsjcCEdJICd_MPnRGQI6gmvIeEdMJq3SE8MDKYsTdFCGnY7Hi_DivQ9qedcNO6t8VsBeuX6kgKJSndptcPOYhEXPe_7Cq6pfDBlVtXxgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6qhJeFNtZdyfFuCljuwPrtKs-APJntKxXM2G49aTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi05NjI3MDEyMjkxMDE4ODI3yAEJqQKHFnI5ikKyPqgDAcgDAqoEvwFP0DckjZxOlIKwnr6DuFAliZ-DDH2MaoAqFC2XM1MaEzxs5yQPgXD2KaYO1sdXpe671hWUZAHYNr0ANbrP_CiGXXHnGW3Qq6DzUxiKbn8GqTlT-F0mGbXxdwwidXoxIx5HZATNamYSnnmZg-zw3z5MtgzyUUKmWGhiuFlTWtHXFL-IWejQUHN6T3vHBzA44HnOZT0piUbErluIT-ekuFj9eoTtRbBpHiOJog6zXVAGoyxClhXnwMWuBPd8wMpMWYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLyhnff29IID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tE3IMwbTuntQs3QzgmraRk07rnA%26client%3Dca-pub-9627012291018827%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4032 2 KB
1 KB 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4032 308 B
636 B 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4032 293 B
621 B 42ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4032 43 B
348 B 59ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jKA2lN6CE6D-1zVCyUDLT1rTLHR-VzL1GXU7o7YiK-MQHy6sqdWMHVftsWTFKz-FbBMpKU0ZCNw4hPQPVClAkI4PQuTv-_CTKx1eRNXy0HUp3-PPLB1_7Xb5z8lHww-DDux91ZE7wtvDN2Jb0mQ3WRQ9TWZGhZD9zmMq63sdye0WdiH09v8So_yHcYoGxMM1TF7IjShC5DVcgUB3gpQ_9LqfhHU3Tn7-yh7jg0Tz6Y5lkeOqeUT2hlW3H2kFg4YSfzOvrww-DtsR6n7aByy0PNhUZACk7ygw2GqP4KZ4iFgSb1H4Srww8GSLekSWCmKUylDNE6tuPOdEGvdziZQOBpOBz7nHE9EC_UdZvnxIbtio65GUt3n3mua4zoHPUZb8jNhfnryVmf8JMb9HfeAT2MShsLTbWNpI5-aJvPGbHzjGnOXopfClC-9UBmAHCthD4PiZyw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:20:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1608192
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4032 12 KB
6 KB 40ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4032 13 KB
13 KB 61ms
26ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=168&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=796&rid=4&s=bbIF1oECqu8Y9nEglBoVx7Wg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d860cdd4c6a9152cc624755138d4e841033133703a360f6d82a63ef9dc3cd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12910
expires: Sun, 03 Nov 2024 04:28:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4032 15 KB
15 KB 58ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15494
expires: Tue, 05 Dec 2023 04:35:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4032 8 KB
9 KB 65ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Mon, 04 Dec 2023 12:47:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4032 12 KB
13 KB 70ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F7210_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=2ShoipM3DI1nSIV-aaDBJ8vj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fa57cfcc89f5b4e0bc92a1aabc1f6d0b0cb941af909541f0a55211789392cbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12642
expires: Thu, 21 Dec 2023 06:46:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4032 0
128 B 39ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=T2APBYE8mr5CUazPYeBCJU5YHV0GJBJZ-5aDcASqijMfk14mmW5rGXNfDiH1eEm_6Hv084vRH63z3jIOSEMskTlU6DroiH_VzqlTiCpgvLXPdGE4CU68jFjMLOUY94nKCSkNccfiF5Nc2AiBeFRb1UuDw11sXs1FLe-vLTr7oXzkIODk6W2YMaeZQueOJUxXC8gJE8JABzqowYqbdpLcxNCoOqwaFYJrTl-kdctyTkWwb5dQKY7dwz4tPD_fKuMRB7OHvQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 04:20:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4032 2 KB
1 KB 21ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4032 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 04:20:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE6F 0
23 B 50ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeNDzeFNtZdyfFuCljuwPrtKs-APJntKxXM2G49aTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi05NjI3MDEyMjkxMDE4ODI3yAEJqQKHFnI5ikKyPqgDAcgDAqoEvAFP0DckjZxOlIKwnr6DuFAliZ-DDH2MaoAqFC2XM1MaEzxs5yQPgXD2KaYO1sdXpe671hWUZAHYNr0ANbrP_CiGXXHnGW3Qq6DzUxiKbn8GqTlT-F0mGbXxdwwidXoxIx5HZATNamYSnnmZg-zw3z5MtgzyUUKmWGhiuFlTWtHXFL-IWejQUHN6T3vHBzA44HnOZT0piUaGrHoaz3R0hf4tXV5hZVnNEASDFASdRdKyaxHkZKr57N02zmNcKYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLyhnff29IIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk2MjcwMTIyOTEwMTg4MjcYAA&sigh=ceL_u8K6YIA&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNyOLPHgj4KofbRZhwj9yZHGV8CK1w7YJmLRTIObhfe5IpESGMB-k8cXrHMzytnB48vtMMmKEIDoWG3WGEJz4z3QixT4YW8WjlIRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&h=280&slotname=8211871142&adk=1607395873&adf=3017137674&pi=t.ma~as.8211871142&w=400&fwrn=4&fwrnh=100&lmt=1701663608&rafmt=1&format=400x280&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1701663608231&bpp=6&bdt=145&idt=101&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&correlator=6000427846903&frm=20&pv=2&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=838&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 04:20:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 04:20:08 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EE6F 0
126 B 54ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RJADmAKdg2ICAgAAAG_-PVSgF2mCEHdTbWWJZ_CIr_PwUMqWAAASAAAKCkFRVUREd0VCRHc&wp=ZW1TeAAFj9wHg5LgAAspLhPV2L-be_B9Bb_4mg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 155019
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE6F 42 B
64 B 58ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKhAHzrxJnfS5xRIYzkXwM84w8GaDpmUkVNYyjAn6to4dAQQvB69S6hg3b4VwpObwse5OrHmVWsW9R-YxEQCN3UGGto7XVwzVd8scldQfqv-rSfGNUeQ&sig=Cg0ArKJSzK6JT-4F6yUrEAE&id=lidar2&mcvt=1000&p=0,0,280,400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1607395873&rs=2&la=0&cr=0&vs=4&r=v&rst=1701663608346&rpt=325&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4032 0
127 B 13ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 04:20:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 21ms
21ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7652b1e8e5ec6dffb151bf38061d55f375d4ba69f8476cc73735ed455cfb058b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:20:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77DB 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://siv.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:44:01 GMT
expires: Mon, 02 Dec 2024 19:44:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01B4 829 B
1 KB 38ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40c410284e52e588223fe749f2bb745d61ec7e71a6098653ec887e21c2db28dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IVdBCMQgLr5qIEm9oQIl5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://siv.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IVdBCMQgLr5qIEm9oQIl5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:20:10 GMT
expires: Mon, 04 Dec 2023 04:20:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 77DB 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01B4 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1158617479063976&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77DB 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NTw38A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:20:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1158617479063976&bg=!6eql6qXNAAY3kmNgF5I7ADQBe5WfOMLtQKCbh7IeTAuPL1Yfsm4BJ4T90RwsiZ_z6Xre20IAovojfM3iMo9OKG63x--pAgAAAEFSAAAAAmgBBwoAt1As_RdI5Qyd1itdxvALd-kFMvcZZzAGLc5g-1ze8Q77T-PugFaJ-pMaZkulAkLc49G_wC1jJBZ24Eq7o-kctSx7sCEVuDx9TVgsSWQ0XAoGarJM2me3c7tnYX6BG6GJ_n7146i2SMJ0HAsWMACFiI83TaBZTmOFb3DYiihPMV4B6jeOPnCgK1ClJtce3HRe2SCoW2CnuDi5XurwtrgLq2jMbPiaqUvSWdQZa85Q7QlygYdLAcIxgpkCrvEoemkRvr5Vz_oZz2iHTL3yomKvl0O7TC-jIYcC9j7EA-GQp4CMSfVmFueQLuGtjP_E4VU9NZ4chzyBGV1JAQX3BoL6gDWs4hRI_vQXfQXNX_MGcDFWisyL_udlZhgPyYDWTxylvgRblYsumSce2ctchmjQfg9p3c4fKWgR2c35Xw9J96H4cizXwlB4TzM1fWae2ltnEx8HSZKSErmnZqjIJ1T6mbHg_XjkRbgXcyKu-OwKmmI4JV_o1QeNQyFJPHsqVCzjBo2qL2wnqE_m0qrEvyFgWqN--4FIiGS4hBNOxoPB7c0BxUF6PSuxJf_YPswC8vxtaZWOtQvVnhhrROj1ANTfM-UY4cWFNwUNsFjTNtnKkY0ERwbP3v4JQAEjhSLMxpBNCDf5LYMTQEDj5D8So5Y_ys5U9ZUgqXFiKtWTlGW-ttjyPb3ipvlPBTwEI3fG3SYDLe7Rllck0BrfoMJJfxUbqkHPAHcC98Q1QbgGAfewqap8NIUp8y-jGkt8QC1oeqIlVdDweqiLBgNGmAGrSrir_f0R4XPXOq8A9_CSG6XIp41L10X97rv0vyndQsVfQnCFJCpW76TJgjjg6anqsbi8Oi_RF_-hbwDHrDKFo3vTnG3niN4faHBMuK7GHAmmgGAIc4vpYoCIGEJ__HwF6WCduXN0tXlrhPKTReduLQQ3Moq0Vu59Q9djJcD5VKV5ua8air5gI1Ee021goqjvWW8s-IJnwAAetWhs5hvlDqO2diVwenpqN9f5Hk4unmspPQ_2Mqkv2BwnQ2rTSyiya3l1yqXzPWgUfGEbPqJm5CKPSFR9v6FPqsr6TA-DEIgv7R8dyzf_Q6UajXC-mPkj61Oz9rO6-4jXbUT4Q30YxJdwU0CDorX1WTOBXMDwbrPNl-so-JavtRehFbdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siv.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.siv.cc/	1970-01-21 02:17:03	Name: _ga Value: GA1.2.1982867681.1701663608
.siv.cc/	1970-01-20 16:42:30	Name: _gid Value: GA1.2.966567283.1701663608
.siv.cc/	1970-01-20 16:41:03	Name: _gat Value: 1
.siv.cc/	1970-01-21 02:17:03	Name: _ga_GQJK1XKR4G Value: GS1.2.1701663608.1.0.1701663608.0.0.0
.siv.cc/	1970-01-21 02:02:39	Name: __gads Value: ID=42de1b18adb3bbbb:T=1701663608:RT=1701663608:S=ALNI_MZOdd7uadDfVtaP3g8iglDo3OlfAw
.siv.cc/	1970-01-21 02:02:39	Name: __gpi Value: UID=00000d0318251168:T=1701663608:RT=1701663608:S=ALNI_Mad9Y0sbL78Q-0XX5UZcXqjD-l81w
.doubleclick.net/	1970-01-21 02:02:39	Name: IDE Value: AHWqTUlCsT8Scez7HzJy2vx1SO7L-L1zf97fYQPEPoPda-lslYT8_Hbnl2w0BDPDHs4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9627012291018827&output=html&h=280&slotname=8211871142&adk=1607395873&adf=3017137674&pi=t.ma~as.8211871142&w=400&fwrn=4&fwrnh=100&lmt=1701663608&rafmt=1&format=400x280&url=http%3A%2F%2Fsiv.cc%2Fdomain%2F12893.com&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1701663608231&bpp=6&bdt=145&idt=101&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&correlator=6000427846903&frm=20&pv=2&ga_vid=1982867681.1701663608&ga_sid=1701663608&ga_hid=1185426705&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=838&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807764%2C44808149%2C44808285%2C44809072%2C44809918&oid=2&pvsid=1158617479063976&tmod=577165916&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=113 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12893.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s23.cnzz.com
siv.cc
static.criteo.net
tj.fopy.cn
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
121.5.110.244
166.0.254.251
178.250.1.6
2001:4860:4802:32::36
2408:8710:1020:78:3::393
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
04d65024656f108939ae3657197fbe1808ef26f4376fe8c010318b9fd034b311
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
3d860cdd4c6a9152cc624755138d4e841033133703a360f6d82a63ef9dc3cd83
40c410284e52e588223fe749f2bb745d61ec7e71a6098653ec887e21c2db28dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ba1a006967159889b49ca0c55fc8fd9cf79a4b501be04a13e390c1a0505576d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7652b1e8e5ec6dffb151bf38061d55f375d4ba69f8476cc73735ed455cfb058b
7c944f4fc00836b833b97089d141e68ab6e27a2ec777dc1f18c5d7069a92c482
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a5ea62a903307f642b587448630a2bda187a185e439e897c8cc5b89843a3e1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe8aad18e9e17812cc5a077bfa5bde104694794450d3341a3eb68ddf1911dfe
9628d560d53636ca6c940f0f2548645a060bc0a97b076f7e524d5afc28c3a0d2
982a11fda1e55321d4ca8cdae9195eb9b6d484822a64dad4364e661e1ecfc3df
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ae305c67589be3a4dad6a8204344de258698a0dfa56dc40d10f43c159a3f1431
b0fe22926d8f2d816d4781b30691d50f5694f1e5cfd22e97818b5e9aa0269cf6
d2427e7fa01bec6675fec2ceda092c69bba035f909b6d391253c9cb3ca362ca4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa57cfcc89f5b4e0bc92a1aabc1f6d0b0cb941af909541f0a55211789392cbf6

siv.cc Open in urlscan Pro 166.0.254.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

86 %HTTPS

82 %IPv6

12 Domains

18 Subdomains

18 IPs

4 Countries

541 kBTransfer

1405 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

siv.cc Open in urlscan Pro
166.0.254.251 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

86 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

541 kB
Transfer

1405 kB
Size

7
Cookies

43 HTTP transactions
1 data transactions