showbizstar.ru Open in urlscan Pro
87.236.16.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://showbizstar.ru/
Submission: On May 02 via api (May 2nd 2023, 3:43:08 pm UTC) from US — Scanned from DE

Summary HTTP 158 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 158 HTTP transactions. The main IP is 87.236.16.118, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is showbizstar.ru.

This is the only time showbizstar.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	87.236.16.118 87.236.16.118	198610 (BEGET-AS) (BEGET-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
158	27

31 87.236.16.118 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.oscar1.beget.com

showbizstar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.180 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	617 KB
31	showbizstar.ru showbizstar.ru	939 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 763 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652 csm.eu.criteo.net — Cisco Umbrella Rank: 6433	214 KB
20	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	142 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	93 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	2 MB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	245 KB
5	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13760 ads.eu.criteo.com — Cisco Umbrella Rank: 6413 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248	102 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	10 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	133 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	608 B
158	17

	Domain	Requested by
31	showbizstar.ru	showbizstar.ru
22	pagead2.googlesyndication.com	showbizstar.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net showbizstar.ru tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net showbizstar.ru
5	s0.2mdn.net	showbizstar.ru s0.2mdn.net googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net showbizstar.ru
5	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	csm.eu.criteo.net	ads.eu.criteo.com
2	googleads4.g.doubleclick.net	showbizstar.ru
2	www.google.com	1 redirects tpc.googlesyndication.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	showbizstar.ru www.googletagmanager.com
2	fonts.googleapis.com	showbizstar.ru googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
158	27

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
showbizstar.ru R3	`2023-04-16` - `2023-07-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 19 frames:

Primary Page: http://showbizstar.ru/
Frame ID: E025B8A3E4A414F281B4A922ABB8243B
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: 0EE62C34157627130277DE45BEDF5A7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&adk=1812271804&adf=3025194257&lmt=1683042182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fshowbizstar.ru%2F&ea=0&pra=5&wgl=1&dt=1683042182450&bpp=3&bdt=447&idt=195&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=913133703214&frm=20&pv=2&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: AE040C8979570E6227E02A77CEC0C140
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Frame ID: 696F7058AFFBAE7971A632A15BA69718
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Frame ID: 5BAB6F6EF976295B1F119100C7B5418B
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Frame ID: 599566B0371171339CC248164126AB9A
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: AB32ADBA7F9DE765E5453CC935C9E38A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: A00DE90EF0879771A07AE9CADA9D3C57
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3A41B1BF26039AE9D734190E3ABA85F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBB0C883D22A957B52961D1D8378A182
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Frame ID: 60997968A81218876015DFE4DC90A2EE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Frame ID: EEB5AD2367A2A251158553F1B010C259
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FF0577ECDAF7456910EB106817F55467
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B8DDC6BEB48306C2769E64FD457AD1C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B19EE5C2881BD315E07E0E622B40C96
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 878F421809E7018C0185B282B503E8AB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Frame ID: 8BADF9D0648C769AE6CC73B5FE81A8C4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D222DBDA8755C1CA1916612000B51BD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD43BAC4B6D4523E36C7565B227F6CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Show Biz Star - WOW info

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

158
Requests

88 %
HTTPS

77 %
IPv6

17
Domains

27
Subdomains

27
IPs

5
Countries

4762 kB
Transfer

7767 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFEvh.12LSE9NPxVh5auCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED-1Iar4g9F9wGMZkDex6EM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

158 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
showbizstar.ru/ 109 KB
15 KB 809ms
558ms Document
text/html 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 2cf2901ad1e74d326075770da72eb99ec5d628dbe603d13a296c79021c6f1965

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 15225
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 May 2023 15:43:01 GMT
Keep-Alive: timeout=30
Link: <https://showbizstar.ru/wp-json/>; rel="https://api.w.org/"
Server: nginx-reuseport/1.21.1
Vary: Accept-Encoding,Cookie
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK style.min.css
showbizstar.ru/wp-includes/css/dist/block-library/ 95 KB
13 KB 60ms
59ms Stylesheet
text/css 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 09:32:47 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6425573f-17ced"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK classic-themes.min.css
showbizstar.ru/wp-includes/css/ 291 B
597 B 96ms
56ms Stylesheet
text/css 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 09:32:47 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6425573f-123"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 141ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddccbab392901d3cf7568f12976be1a9843afec38283c7d77c1f711eb4f8fc83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 15:43:02 GMT

GET
H/1.1 200
OK style.min.css
showbizstar.ru/wp-content/themes/root/assets/css/ 163 KB
33 KB 121ms
64ms Stylesheet
text/css 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3e34a2ad74039bbe3d9878c92bef7d872fdef7b72d3d37123ea452f6cc70b546

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63624904-28a9a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK jquery.min.js Show response
showbizstar.ru/wp-includes/js/jquery/ 88 KB
31 KB 119ms
62ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 09:32:45 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6425573d-15ed7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
showbizstar.ru/wp-includes/js/jquery/ 13 KB
5 KB 116ms
58ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 09:32:45 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6425573d-3470"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK fontawesome-webfont.ttf
showbizstar.ru/wp-content/themes/root/fonts/ 162 KB
162 KB 113ms
56ms Font
application/octet-stream 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: http://showbizstar.ru/
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: "63624904-286ac"
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 165548
Expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 127ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-200606446-1

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba50339919a90068858c8ef567edba5d9e31a0572f1a818fad26c6300b52610c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62294
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 May 2023 15:43:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 170ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e448f424e7e314ecb9ea1b1bf0e3337b6c7441886c563f7e98ea7da0a233e54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47421
x-xss-protection: 0
server: cafe
etag: 3263224297042763496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:02 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
showbizstar.ru/wp-includes/js/ 18 KB
5 KB 58ms
57ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 09:32:45 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6425573d-4904"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK swiper.min.js Show response
showbizstar.ru/wp-content/themes/root/assets/js/plugins/ 122 KB
32 KB 68ms
65ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/assets/js/plugins/swiper.min.js?ver=3.1.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d509c6a9542e235d1451c1215f69357c70dc358c33dab1f92ea929d19edc9829

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63624904-1e63a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK lightbox.min.js Show response
showbizstar.ru/wp-content/themes/root/assets/js/plugins/ 2 KB
1 KB 96ms
56ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/assets/js/plugins/lightbox.min.js?ver=3.1.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63624904-616"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK scripts.min.js Show response
showbizstar.ru/wp-content/themes/root/assets/js/ 7 KB
3 KB 121ms
57ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/assets/js/scripts.min.js?ver=3.1.2
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63624904-1d5e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK frontend.min.js Show response
showbizstar.ru/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 154ms
57ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Nov 2022 17:35:05 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6384f149-5b89"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
H/1.1 200
OK smush-lazy-load.min.js Show response
showbizstar.ru/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 177ms
57ms Script
application/x-javascript 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 17:35:14 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"640a18d2-1ef2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 09 May 2023 15:43:02 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK showbizstar.jpg
showbizstar.ru/wp-content/uploads/2021/04/ 38 KB
39 KB 56ms
56ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://showbizstar.ru/wp-content/uploads/2021/04/showbizstar.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 21b54f30b2790a8254cb82b3b32645dfb5c6c7dd669767c62ce2d26e07301de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Last-Modified: Sat, 17 Apr 2021 12:59:24 GMT
Server: nginx-reuseport/1.21.1
ETag: "607adbac-9945"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 39237
Expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 showbizstar1.jpg
showbizstar.ru/wp-content/uploads/2021/04/ 43 KB
43 KB 225ms
110ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2021/04/showbizstar1.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9ea027ac2c8047e44a569d1625acb59c1e4f25a484de0bbd053ef1eb5d490f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Sat, 17 Apr 2021 13:05:06 GMT
server: nginx-reuseport/1.21.1
etag: "607add02-ac1b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44059
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Paris-Hilton.webp
showbizstar.ru/wp-content/uploads/2023/05/ 147 KB
147 KB 224ms
110ms Image
image/webp 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Paris-Hilton.webp
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 766c3d2bef584e25a10c0268e288ed28a8dc689351782db792a246e3a7c35d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:35:33 GMT
server: nginx-reuseport/1.21.1
etag: "645111a5-24a48"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 150088
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 abandoned-dog-finally-finds-a-home4.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 50 KB
50 KB 225ms
111ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/abandoned-dog-finally-finds-a-home4.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6c229d6173666048f0654945567c56d6d159e3ec383b914c220ff68d26d8fdbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:22:26 GMT
server: nginx-reuseport/1.21.1
etag: "64510e92-c6c5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50885
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 Olivia-Wilde.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 82 KB
83 KB 225ms
111ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Olivia-Wilde.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d60d4a9508ed8edf15bde82fee4869abfa7d5f12671cdd002a7630304068d6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:11:45 GMT
server: nginx-reuseport/1.21.1
etag: "64510c11-14904"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 84228
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 cat-walks-24-miles-to-return-to-his-birthplace-1.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 55 KB
55 KB 225ms
111ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/cat-walks-24-miles-to-return-to-his-birthplace-1.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 8f99bc8844fcea57f0e84019376b273077e20f295ef256612ea557d3a6f2cd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 12:54:56 GMT
server: nginx-reuseport/1.21.1
etag: "64510820-dce1"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56545
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 Kendall-Jenner-3.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 44 KB
45 KB 224ms
110ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Kendall-Jenner-3.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e911424c07e0ce6aaaa9a92dbb80599bd7907400f1d42b990551c2fda16926ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 10:57:03 GMT
server: nginx-reuseport/1.21.1
etag: "6450ec7f-b176"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45430
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 176ms
92ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 10:21:35 GMT
x-content-type-options: nosniff
age: 364887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 10:21:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 125ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 292818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 136ms
52ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 293567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
showbizstar.ru/wp-content/themes/root/fonts/ 75 KB
76 KB 56ms
56ms Font
application/font-woff2 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://showbizstar.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Protocol: HTTP/1.1
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 15:43:02 GMT
Last-Modified: Wed, 02 Nov 2022 10:40:04 GMT
Server: nginx-reuseport/1.21.1
ETag: "63624904-12d68"
Content-Type: application/font-woff2
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 77160
Expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 147ms
82ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://showbizstar.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:11:38 GMT
x-content-type-options: nosniff
age: 239484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 21:11:38 GMT

GET
H2 200 Paris-Hilton-330x140.webp
showbizstar.ru/wp-content/uploads/2023/05/ 13 KB
13 KB 304ms
304ms Image
image/webp 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Paris-Hilton-330x140.webp
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d69525c9d86a15cbe0863330ce2f39ede18ab33fd593117cc7955fa3a899d083

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:35:33 GMT
server: nginx-reuseport/1.21.1
etag: "645111a5-3478"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13432
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 abandoned-dog-finally-finds-a-home4-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 9 KB
9 KB 304ms
304ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/abandoned-dog-finally-finds-a-home4-330x140.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 72b32ba1353f8afe9c76396d3f7693e2b88e03a42193df47eccb62d775647e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:22:27 GMT
server: nginx-reuseport/1.21.1
etag: "64510e93-2286"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8838
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 miley-cyrus-topless-music-video-spl-ftr-330x140.webp
showbizstar.ru/wp-content/uploads/2023/01/ 7 KB
7 KB 305ms
305ms Image
image/webp 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/01/miley-cyrus-topless-music-video-spl-ftr-330x140.webp
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: bdeaf8670e736c57d2205cf898e02ad5bd71320a3c0dc0fb6676d12033b61db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 10 Jan 2023 13:08:14 GMT
server: nginx-reuseport/1.21.1
etag: "63bd633e-1ad4"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6868
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 %D0%BC%D0%B8%D1%85%D0%B0%D0%B8%D0%BB-%D0%B5%D1%84%D1%80%D0%B5%D0%BC%D0%BE%D0%B2-330x140.jpg
showbizstar.ru/wp-content/uploads/2021/04/ 7 KB
7 KB 305ms
305ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2021/04/%D0%BC%D0%B8%D1%85%D0%B0%D0%B8%D0%BB-%D0%B5%D1%84%D1%80%D0%B5%D0%BC%D0%BE%D0%B2-330x140.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1f63d37176e96d3a8468c7664a0a72d314f934c075bdf5c9d0eaa04a94bb94a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Mon, 26 Apr 2021 13:26:35 GMT
server: nginx-reuseport/1.21.1
etag: "6086bf8b-1ac8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6856
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 756736017412825-330x140.webp
showbizstar.ru/wp-content/uploads/2023/01/ 5 KB
6 KB 248ms
247ms Image
image/webp 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/01/756736017412825-330x140.webp
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e7ac8c213a39acac1c68e7764de0275c26a2ef93eab2ef8c91f542d65c230cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Fri, 13 Jan 2023 15:19:03 GMT
server: nginx-reuseport/1.21.1
etag: "63c17667-1556"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5462
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 %D0%BB2-1-330x140.jpg
showbizstar.ru/wp-content/uploads/2022/12/ 8 KB
9 KB 248ms
248ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2022/12/%D0%BB2-1-330x140.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 46eb2c66cea96d8f2ff202f45b92c2590b4a98fc32b7a8c13d9ff7caddc29b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Thu, 15 Dec 2022 16:23:45 GMT
server: nginx-reuseport/1.21.1
etag: "639b4a11-2167"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8551
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WN83Y015T5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200606446-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64d219084b8cb14eb52e6081812e02d005a0f38830ef66f4f754319995913703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 May 2023 15:43:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200606446-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 15:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2278
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 02 May 2023 17:05:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/ 354 KB
119 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d8b6b74824a19961f715e79bb50029065b1aa5c81428e5b47fd1ccc854a477f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122007
x-xss-protection: 0
server: cafe
etag: 15806578441566201593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 0EE6 10 KB
5 KB 121ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 06:47:45 GMT
etag: 2378337311435320485
expires: Tue, 16 May 2023 06:47:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 54ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WN83Y015T5&gtm=45je34q0h1&_p=1240913754&cid=1354988519.1683042183&ul=en-us&sr=1600x1200&ir=1&_eu=EA&_s=1&sid=1683042182&sct=1&seg=0&dl=http%3A%2F%2Fshowbizstar.ru%2F&dt=Show%20Biz%20Star%20-%20WOW%20info&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WN83Y015T5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://showbizstar.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Olivia-Wilde-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 9 KB
9 KB 120ms
120ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Olivia-Wilde-330x140.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 34566586b3286863c27e440e6f4a3c996f81ce53ba7eac835ae73ef537c66d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 13:11:45 GMT
server: nginx-reuseport/1.21.1
etag: "64510c11-2296"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8854
expires: Thu, 01 Jun 2023 15:43:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 45ms
45ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1240913754&t=pageview&_s=1&dl=http%3A%2F%2Fshowbizstar.ru%2F&ul=en-us&de=UTF-8&dt=Show%20Biz%20Star%20-%20WOW%20info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=99307243&gjid=1806167725&cid=1354988519.1683042183&tid=UA-200606446-1&_gid=928805372.1683042183&_r=1&gtm=457e34q0h1&jsscut=1&z=583709095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://showbizstar.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://showbizstar.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 144ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=showbizstar.ru&callback=_gfp_s_&client=ca-pub-8046275555674737

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ad5a67597b873ba56a2f16364ac27d3626339da13749059f44cfc62d17e01a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 145ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=showbizstar.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 130ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=showbizstar.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE04 176 KB
44 KB 746ms
745ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&adk=1812271804&adf=3025194257&lmt=1683042182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fshowbizstar.ru%2F&ea=0&pra=5&wgl=1&dt=1683042182450&bpp=3&bdt=447&idt=195&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=913133703214&frm=20&pv=2&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

251401c02761c0d8df753e9afaeedbacb107a74a57728aa5116044dc8bf4e79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44935
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Tue, 02 May 2023 15:43:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 696F 23 KB
10 KB 432ms
432ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfce7661990990ec6c1d5b9fc81ff67472dc95e685198a2a02d3d775d90ea75e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9986
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Tue, 02 May 2023 15:43:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BAB 104 KB
34 KB 518ms
517ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed5b054b3d1d550e89618cfea32ea7d54d7b9b5cdb3294c77232fa3383a47c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34974
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Tue, 02 May 2023 15:43:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cat-walks-24-miles-to-return-to-his-birthplace-1-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 12 KB
12 KB 57ms
56ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/cat-walks-24-miles-to-return-to-his-birthplace-1-330x140.jpg
Requested by: Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a0034a8a0b3a99a5eec395ba97f4af69bb4dc4e0b560663cccea314501f9ac2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
last-modified: Tue, 02 May 2023 12:54:57 GMT
server: nginx-reuseport/1.21.1
etag: "64510821-2f34"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12084
expires: Thu, 01 Jun 2023 15:43:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 696F 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNXyZhi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBLoBT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzfhHQIEKab431Uy7-bTfiDcergYJqrEcTjEHGl_Zuq6RxyjaZrGbgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwNDYyNzU1NTU2NzQ3MzcYAA&sigh=uDrHEwuw57Q&uach_m=[UACH]&cid=CAQSGwBygQiDCOiTOUQK-sjob7XNuu5AA1ake169YxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 15:43:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 696F 0
0 66ms
16ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RMIImAKdg2ICAgAAABHlpEOplKiLEIUvUWRnF8gKvH10Im1AAAASAAAKCkFRVUJEd0VCRHc&wp=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 174446
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5995 145 KB
47 KB 102ms
70ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

29aab4e8ef36ac96b31bfdc7625207d595e2e0eb03dafe40c8beea0f58faae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Rumj1F1dNOfLt25_fLCD8kDlYqSTgcNZJBFszBgd9Zng2LDISXLvgXSVWwHVcEZG8q5TigdTPHREuDG_modpcO5wYHcLFNMbanZOsNxOKDxYcMQkpq9UOsDbxNPg-mTprKOF0pr90HstPG8Q8u2lGYURHvBxa4TsSHmboP9vsWdQqM3RJ08Hs6DaL_z9zcjA3_5b28OhQecqMnVsOSNJ7eG1ByQasJO7vATmi3Z37XHZlUbsY6cDNX3_HRwR8-G3_YgcTQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53951600
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 696F 3 KB
1 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 14:39:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 696F 19 KB
8 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 696F 160 KB
49 KB 126ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5BAB 9 KB
1017 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:19:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5995 2 KB
1 KB 56ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5995 2 KB
1 KB 52ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5995 308 B
636 B 54ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5995 293 B
622 B 51ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5995 43 B
348 B 54ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QUdDzbtN-RQUOohkDdd_K8QTT35r8Dcl05D-iyBXqvmbwXpxLGEPkwjyoWXMmeL5D_bIf08avpV4W5bn-7U_Jao5BG5wk0pPShLeyif6dhI1dHULJl5QJ9yzTxaIArkhBHoZqODU2jsqwqRqALdwo01ycAPcgHcY8BqaDBKLH2STxZakZraAT2JyFoCUCgXN8shOh8-Jq8ZJ_GfrIHCBudek-v9qakfqrT4dy4ScfWpbV8nDWCzgwH3eKQ-kr3WHusgkosVY4oYy6Zjoas3jerx1u6RHvPKTM9xY8l1BBnLqvr6IFm2oOWbhOzmkStKQE52uNb95bLkYcQISOSNP-A9x3OUdxc-rdiTmyv0HGk66I4YJujZuZATn_zC4m3idyvEM_8aMs-VU5gdRjxO4x7jcbJHt2qCuhSL_r88nANbgvPTf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1765596
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB 2 KB
846 B 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BAB 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBuP1hi9RZMCnLoKytwem-bagB8_Pip5v2JmrltYRm8n2tY0OEAEgoZCCLmCV4pCCoAegAcCJ4foCyAEJqQKNWIRKBfW0PqgDAcgDywSqBMkBT9D9PikCrMvzJTB_GcdugqtX6S8OsLvHILycuFPXpFvNxOd-YnV1fGzCe1KIO10r22m4hgewy-4VECmbD2_r7VITznn_nTzRTNjrT9iviRx-g0aPrvkqFbCXHEaG2VInhHSvjyBUAEMvaUByZ5-b4bdXbmFEeiKXS7MR9enf6pmm67hLE5VPN-CKp-6besR_PoFPOiY20nDg3hP_Mtb8J2HAkeaiT-JkDyzmDbz2Aaqv_O0kc4sH05LqqophtUW4bJgJkjai9qTewAS2qMn20AOSBQQIBBgBkgUECAUYBKAGLoAHqPaehQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC9lwPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MDQ2Mjc1NTU1Njc0NzM3GAA&sigh=7dslT087vKs&uach_m=[UACH]&cid=CAQSGwBygQiDnOR-K5xiFSAr2bA0mdOqAN_1G1Aq1xgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 15:43:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13866511437101175351/ Frame 5BAB 36 KB
36 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13866511437101175351/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e64c296ec03016c7f655e77f99d655a71e2e98a4dc3613774c2a92fac79b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 05:09:06 GMT
x-content-type-options: nosniff
age: 556437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36430
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 16:54:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Apr 2024 05:09:06 GMT

GET
DATA 200
OK truncated
/ Frame 5BAB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5BAB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 5BAB 22 KB
9 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 15:12:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 14:39:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB 19 KB
8 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BAB 160 KB
49 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 5BAB 32 KB
14 KB 126ms
42ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 12:11:33 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5995 12 KB
5 KB 52ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 424769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo4ja85Ku2Wwo9IgekVLPjcRtc4gPnKEUMoBiNMPj70pI2vg0OMi8N1%2FiXsHsTKSR5KAfwrufjyagRd2eq6c3W0DytydkcOX2rwEjTJSwfeQurR%2F6qMANUk%2Bsx2AieGRGZnCH%2Fnx255oN%2F5%2BPEEga3Bn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c1160adcb45927d-FRA
expires: Sun, 21 Apr 2024 15:43:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5995 12 KB
6 KB 19ms
18ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5995 15 KB
15 KB 80ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16111367MO_14_F.JPG&v=3&w=800&s=a44HdszreB_KvkOLDPhlKsY4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

108d4173838f9a382cf7d7f380bc034375ad25d28ca4e5ff0e25898c21a29030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15546
expires: Tue, 02 Apr 2024 13:22:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5995 16 KB
16 KB 72ms
25ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16008048OQ_14_F.JPG&v=3&w=800&s=DwoWFA8C2afSilu0mQDv9uP-&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a440695e0a007d2ca741bbae89df69d572544c20f3da597531c42b4a856474d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 16066
expires: Wed, 03 Apr 2024 16:02:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5995 6 KB
6 KB 74ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17520809DP_14_F.JPG&v=3&w=800&s=i4Cg1fjh6YmiXzn7W6L4pJZ-&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d9d7a127e58c45ac16c95f2635500671e9b93bd932361f0dedeb085354d2d422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6324
expires: Tue, 23 Apr 2024 11:22:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5995 110 KB
110 KB 87ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F915%2F230403%2F22a9cb179f624f09a3e1c5bd28aef15b_img_horizontal_1.jpg&v=3&w=1200&s=KQnj1X8gm47ac8JCmZLg3JjE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

86423a6ca95e0453e3411953509af199ad1504fb91cc13b567021e7abeed683c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 112136
expires: Thu, 28 Mar 2024 12:44:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5995 0
128 B 46ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Rumj1F1dNOfLt25_fLCD8kDlYqSTgcNZJBFszBgd9Zng2LDISXLvgXSVWwHVcEZG8q5TigdTPHREuDG_modpcO5wYHcLFNMbanZOsNxOKDxYcMQkpq9UOsDbxNPg-mTprKOF0pr90HstPG8Q8u2lGYURHvBxa4TsSHmboP9vsWdQqM3RJ08Hs6DaL_z9zcjA3_5b28OhQecqMnVsOSNJ7eG1ByQasJO7vATmi3Z37XHZlUbsY6cDNX3_HRwR8-G3_YgcTQ&sds=2&rev=86118&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5995 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5995 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
DATA 200
OK truncated
/ Frame 696F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ecf36623d7ae48b3b1dda4f4d66966a2f062e2b754fd79d0fa63f8898947837

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 5995 2 KB
803 B 16ms
16ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 5995 2 KB
803 B 17ms
16ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
DATA 200
OK truncated
/ Frame 5BAB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09df6a6552e9ec0a635e7122ccc7d4c99ae36176c1c84ed34bda715ce29b0695

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5995 12 KB
13 KB 59ms
20ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5995 13 KB
13 KB 73ms
34ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-3230"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 5BAB 29 KB
29 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 234993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:26:30 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/ 148 KB
50 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3064985f885077e29c807522c002a661513396d58bdc3c1d4f21052812326d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51489
x-xss-protection: 0
server: cafe
etag: 11101195180575534530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame AB32 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 502234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 78ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=showbizstar.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 79ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=showbizstar.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame A00D 10 KB
4 KB 53ms
44ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Tue, 16 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame F3A4 10 KB
4 KB 51ms
40ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Tue, 16 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame EBB0 10 KB
4 KB 51ms
42ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Tue, 16 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6099 176 KB
54 KB 92ms
91ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4c6d0852e50ee0a548650e749858af9b0e5154a463f5c0e60839efb931e8dc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1H5LyV1dNOfLt25_1NolGFVGWPqCE2PwhjrY1qu_6qLUP303K3LeOYr4j06IgvAhwEWTvRPZr4cJgvoGngEIu4ufDj76WlecdpQiPTi8_leqD6Zm10GLeWaTt72WILN0S216KAYzAwxunBlfoQbqC3QjzbkyD5EQNW43nKb9ri1GhVcO_aEnFLKLRCoqhRViaUzs6pqpLsUlP9dSm6QQie52lZwX4SK1qWYDdjNUE9YhskOwzJwHoR4FthKObyeSS5JhUw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67678987
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A00D 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 14:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A00D 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A00D 160 KB
49 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame F3A4 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 15:12:26 GMT

GET
H3 200 10687626274755950680
tpc.googlesyndication.com/simgad/ Frame F3A4 145 KB
145 KB 75ms
75ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10687626274755950680

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846498b01abdb8f4be4e0806ff5144ca647e1ab278c570af13ffc9dafa345068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:31:36 GMT
x-content-type-options: nosniff
age: 292287
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148440
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 15:39:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 06:31:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 14:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4 19 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3A4 160 KB
49 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4 32 KB
13 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19e108654cdad8d8c68a56b51a36b7412d0f1a5b3062d8f0dcef455e193fa324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 22:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13029
x-xss-protection: 0
server: cafe
etag: 10977537620671291280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 22:12:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EEB5 624 B
245 B 85ms
77ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:03 GMT
expires: Tue, 02 May 2023 15:43:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FF05 78 KB
27 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF05 3 KB
1 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 14:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF05 19 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF05 160 KB
49 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05 42 B
63 B 145ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLo_FQkAHaOQkZbLv9cT2nvevE5UhwyqT4BA_1szXfucJ9enSgNvkt4P3b_muOfYvn6vqqBzdYS28Ud5JlryGj8LGr8qNaUgDOyc9ixHe3S2Ik8qM

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05 0
20 B 144ms
143ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7146452841508732809&x=1&ct=119

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B8DD 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6099 2 KB
1 KB 23ms
22ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6099 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6099 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6099 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6099 43 B
347 B 17ms
17ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cIK5H7tN-RQUOohkDdd_K8QTT34jT94gB_B5zakmVxnHgO1mC792nHdd3QpqGZ3jjWU5198tyDhglB_CDCzTDcw6-kFwj8sMHtn0onoVxt53ldeghNiP0L3LxACYCIuCHebj9SJJPDXUrSolF7rE7KW9BgMDui_2SgPhal6DhL1l_141dnoldgrQZc9qc-ZH-e-oQSOe_VKNPQz_AOIQLkxfZcxFMAqP5pfaUiAkziwmgTtMFzk75PhjnDbrNX3KZmaWd0ZnhvIZZo2_2KUh3wIpvyV5hbrKMdFepgvMN_ouwOmxN3DZY-q1t77CSd-5cfQNelAjnRgkEbMwOdjb8ggWjb20TNQt8nm_2Ky0UqE2aG8tP-MUAgU2MaCliAeA-qU3dW5aNIPSeUkHrdjwl0Dasg8fFCzzgderayNcJpsACppB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1863085
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6099 12 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 424769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZ3Jubf4WkuGjGq2Wwuw8%2FailzOedp3IGvTWDoSq87rVlL%2BdM4D48BGeYvMR9z9Bj%2Fi51VQAxO7eA2PlXSAwzW23xXG8LL%2FX%2FyYU5SMlUcNiGzlxfalBAwlBXanUJGwMP3JferGiyM9w8WGfxm1PdhXk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c1160b17ed8927d-FRA
expires: Sun, 21 Apr 2024 15:43:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6099 12 KB
6 KB 30ms
29ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EEB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 15:43:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EEB5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFEvh.12LSE9NPxVh5auCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2

43 B
766 B

14ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 15:43:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame EEB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED-1Iar4g9F9wGMZkDex6EM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 15:43:04 GMT
AN-X-Request-Uuid: 36bfda4e-e28a-448a-bd02-a2e97d73db68
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 May 2023 15:43:04 GMT
AN-X-Request-Uuid: fc6dee67-8afd-48b0-a2b9-667d777a8d6d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EEB5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D

170 B
243 B

46ms
46ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 02 May 2023 15:43:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5afcfbba-a081-4718-9ae5-1420233c6610
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6099 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1H5LyV1dNOfLt25_1NolGFVGWPqCE2PwhjrY1qu_6qLUP303K3LeOYr4j06IgvAhwEWTvRPZr4cJgvoGngEIu4ufDj76WlecdpQiPTi8_leqD6Zm10GLeWaTt72WILN0S216KAYzAwxunBlfoQbqC3QjzbkyD5EQNW43nKb9ri1GhVcO_aEnFLKLRCoqhRViaUzs6pqpLsUlP9dSm6QQie52lZwX4SK1qWYDdjNUE9YhskOwzJwHoR4FthKObyeSS5JhUw&sds=2&rev=86118&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 May 2023 15:43:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6099 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6099 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3397626113560&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3397626113560&version=m202301230201&ct=119&x=1&cor=7146452841508733000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FF05 81 KB
34 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwi0S36x11sqbjta2oA0cC0FGjmNLr7WXcNzog8AwrlLa-9Ogjun3vM0-q8axNEOeRCpNErNQ8X--YPqEjuJ9OJBWQz_s6Aq2ZG_tivqwaSPqch03bZdomBIp1js39niXYJxbs8VxTFigNp9y36iWw54YbGBfBstAXxDp2inIBRty6fQU&cry=1&dbm_d=AKAmf-Agy8--r2_-pex6YSDQmmG6MIxkgnjIFgarkFzIsByZSXcY1tbdH1QiUV4L-qn4_q5UP1LkzOpO2PKhVRwdorFHQttcqBrMlbhHhjO3iN2qRhrdURXUbHso-S2W8In-6TfWDRfiXHKsVR_Ulv3Qs0Xnm03v7XOndbvUfIYR7kPvwq1YxQkHisCuw3XCTQoIkoNJFBU_Q1ALDS-G-mN66m4UWbpMhVLHgQB2weBZs16sf2C7rc9t7UyCya0wHXzrxdx0EWoRVs5-Ir0Gv8Xw1NKiA7nPzheQ1GvislmktN6gtTdrqh_O4I8P99jjeq1KjqHQCFT4H_52wfwZ8JFAnAJKnhVwN-YiNw3KU7xaPB4PEoluCCNUB2WKcE4CtG_Ad_pv-0iRZd02-wsdwjqhm-yJhldy6PcPJJ5lXmrJDCq_iyWaIRd5-GVE6ynJ2vTYFj6oUJWj3dQpqhkhVYncGK7B6Z_2Ul9tjf5Fbo8-ue5Jyo4FLj1KUFw8zDMclkf4c26ZS7NNHdm5sPiHQSaEki09LdzT4IufgK06-QP32cVAGK1ORqcKejMO1t_QVM4adtmEwYJvSCnIIkimp-llTk4A1FNFPgu6adM_woMBC9j0z1meXivNF1E2H6WxW9r6FMYMmNgnkIlJZPkMyeT81OteA7GaP6a8PHIqpIk1CpA_dUwb_cbT0qK7r0bTH5TInJynFWLw1JO-LY8Fg4_YVMRlMaaCt4VlJwQ9nsl06vBmA7f6F_ujGYTPR8NyDgFC3pYIqoKGhPd17nTlnK98kJC_moIl6wljyJOidNuUz2hRevdTWMDzvojTOnlxSHTqSaARdNScAhEW5fCkMRDrEsthgJ5MULOZI70nRnQk-xwcn9657JocgZakTX3VxfEfegVQ4_Q2oJGGsxUTgblwPtg_gtQ5bT_yxwI1j01b80cAJHkcPURsAzjfnObCVmbg70nZYplyZzNI8htJroyTgpTFSyMW1s6tt1UVRr4ojbHR4Kh7PPCuxTVkInnfnzJNhfJdGweQhBxF7Jc_XUHTAN4r4Re8L3sSxI8S3U7XdnTp2ozxJdg1z-lj0OKdx_PH195E3l_BrveGUDjMOwsvKSewV_D0ZgS8X6NrVcmIOhJdoHYO2z8IZKBtAX3Rp6OZ3lc7qSrmxORvN3E4NmsHxgQcUCRqGwc4PpaXEGPBLu0vSn5EAAC6qKqa4FVcn5DgdmEjJiBfWDQK9y4ZZAjMAPkW48SX-FGVtsShLox2k2TeXCmXVseH1WOWNRgolY9qv6r3X2Arz1hjXFPpivPmfWz7AojWSb2ew8ZQeUs3Lc7U1EjXhafKpItUYRT-R2EYWg1Vm2WsQ12C7NAjygNbongnVEPjw8Ns6gt5QMdRA5GViMe5k8mb5NdrCCS4Mq2HzXCTTxyC_K_ugZMEbyS09ggaHd5C3Ccaz3rXqo69TCmYZuqiuX3KG0JQ_vI61nT3urZsxk1QiwaJaeNdBBbwXBmT0PMqi_5hDtNWnEczC36YGKHCirOJ4qeZ3lzGaMS1TBncjVqjaQ1ow-Y5_vbpUmB0aXPMXzqL5plW6qMyDvffg6PdyKhkzioMkVDaAeqtqN-_LAQxM5u69-N73d_NGFzB7m3W33HzU7dffrYnZ_ndKRPEqR-pLzUlrq1GscZ79-TiIHovbNY8rLviQBwKz_iez2b5MJ_za1vlryx3J8kW6BVlO7YZz31L2Pwndvy2LPAWeMTrEU_QbQIgbvZqsSIe9f58aYl_iD8Ey_IW-wBPQW3fr2RgVoJXnrHe-MoehB4oOMgLObHX-Jopvp1NLTjzs5wi-lKUZOZjZPiFJmwD_WO1z_amtvBbzyENckw4fN35GZcZd1m4BXxYgiWQV3rd1nv-5AYC8pk7m-tKMkBZc0iaDbU2VHQTc1A84CqKMMh4R9ZKXyJ3NSZpidE-n5Umu_mWQrqLsbwWu6QeUJUgqsiwuqlj2Jvdt18DyNG4GqKHTQCeazavNkDBOmx7XZO0OW_q3fMd0qNDoM2RpcDvCWBLF64mX-r2v96ye_GLx2HDgN_saQsuAsFPsmuALuFhQNu-e8AklFmBc8fsneE3Xkx7lQCPVvLNHL-GHZmxZEvU06iemg8z2cGyYnwYCanVe0UpwvAgvneqithDUzq7ZAcGlwj1o_TGt7-PXNlfGmSu5_hbsYq8zQx-3cdi_UC0n-Kd-6nRk6Y5zg1p_1E974by_2QHIJCRZk3UNXXZELKCWXzZ26RrCpLoA_fQycD71XRAjWN-QzaWJpCUaqUCf2Iyerc0k0KO9jCIUrWdLeBvYOWqqz5dZJDlNvEVCLuBmLgx0Y5npxiqCJXdzVpE6Fq04kSkjmjeeOqHimLz4lPs5jg8n8zPH9ft0AYchn4kCC11BczwNwlsoJUqfIHfOqqTQWH1gsch_oopX3QreeovuDWaz7WTqkWT529DE6xtSHddz4zwaNQJte7h6VEas5PjI8Sp4-D9_lnLuawEdB56SaibG8yd9MAQ_TgIcPIe16oIuh8GTaYRsK0ZOZ5lAWJuyCzBcPoZJsZwnrsVUHUjlPxEeO8X0hoajcBUsAP3m3LyTWS3N188v1p0ju_eNLVO_HLU5SmKxr348-D6lSWDv0UPfbOb3shUursdxlM_fnQ-mCkSF7o9kbPmKc_9iVmdzS60ZeA_-RH8s4uBZMSel74trnfhevQm3qChJSgrEOVvkyruSGmSE7-2PGEcvGp0I-gefw2K0xsXCSy8-78aYnhXIfA6-Mb1laS-HyoRTuSaUPUHnCQI7RY6VAi4ZuJ8dQr6TBcbY1Ynv-a4FvQammVENK3mYjoLmyQuywGnpay1lfBpE3nsynQ_qNa7opPPsWEwNTkRQduI9t0qM8h8xODXIvG7nDEFCtu7GR56mH-JQEdBkIlK_pKqKdkHzh43xDCAjQUCO1CrWGe3h1XNyCE0wORyF1KlHPbuqK5zNSxFriDkVv8AEeEFxvT5roL1z_HuU5rZ3HtY-ROGnvwHByeK-tKhLxrWqAuYslGeAf3gnm4grRm2vP8AL3RmBWW0A9uWwT3TYutOk75Zh8YDb5e8oPkDdpyZcsYDBUpUFmd-E1tgLhtH2Ac0-xhY-0FHPia8-Ee4_Kwd1EmmsA4gtcaZbMaCkJoZCWoS-GyeqQLmd6HiqRHi5g_vlcO2A0j9AU2AbHn_LBf6JgST3GUlvsnzSYmjVi2RI7fxoziU4Htg-zCsn2cd_pHS_SIYPokhpDUu798ndof2npVTJv7uABOkcrL6mlnj8OqfcBt8ByOH_QPc2VNf6twYxNxw-5OvhuD7P-1RrZjJ1RxoDVCj8Qx0nzObLBNRi5gRjBvF80PtGw&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fshowbizstar.ru%2F&ds=l&xdt=1&iif=1&cor=7146452841508733000&adk=521587874&idt=99&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d627d5f88f86813c582ecb5622da7243ab3327ebf83db188fd5211643ca5e6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34990
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B8DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:04 GMT
expires: Tue, 02 May 2023 15:43:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 6099 2 KB
803 B 18ms
17ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:04 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 6099 2 KB
803 B 16ms
16ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:04 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 6099 12 KB
13 KB 27ms
26ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 Apr 2024 15:43:04 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FF05 106 KB
37 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame FF05 11 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwi0S36x11sqbjta2oA0cC0FGjmNLr7WXcNzog8AwrlLa-9Ogjun3vM0-q8axNEOeRCpNErNQ8X--YPqEjuJ9OJBWQz_s6Aq2ZG_tivqwaSPqch03bZdomBIp1js39niXYJxbs8VxTFigNp9y36iWw54YbGBfBstAXxDp2inIBRty6fQU&cry=1&dbm_d=AKAmf-Agy8--r2_-pex6YSDQmmG6MIxkgnjIFgarkFzIsByZSXcY1tbdH1QiUV4L-qn4_q5UP1LkzOpO2PKhVRwdorFHQttcqBrMlbhHhjO3iN2qRhrdURXUbHso-S2W8In-6TfWDRfiXHKsVR_Ulv3Qs0Xnm03v7XOndbvUfIYR7kPvwq1YxQkHisCuw3XCTQoIkoNJFBU_Q1ALDS-G-mN66m4UWbpMhVLHgQB2weBZs16sf2C7rc9t7UyCya0wHXzrxdx0EWoRVs5-Ir0Gv8Xw1NKiA7nPzheQ1GvislmktN6gtTdrqh_O4I8P99jjeq1KjqHQCFT4H_52wfwZ8JFAnAJKnhVwN-YiNw3KU7xaPB4PEoluCCNUB2WKcE4CtG_Ad_pv-0iRZd02-wsdwjqhm-yJhldy6PcPJJ5lXmrJDCq_iyWaIRd5-GVE6ynJ2vTYFj6oUJWj3dQpqhkhVYncGK7B6Z_2Ul9tjf5Fbo8-ue5Jyo4FLj1KUFw8zDMclkf4c26ZS7NNHdm5sPiHQSaEki09LdzT4IufgK06-QP32cVAGK1ORqcKejMO1t_QVM4adtmEwYJvSCnIIkimp-llTk4A1FNFPgu6adM_woMBC9j0z1meXivNF1E2H6WxW9r6FMYMmNgnkIlJZPkMyeT81OteA7GaP6a8PHIqpIk1CpA_dUwb_cbT0qK7r0bTH5TInJynFWLw1JO-LY8Fg4_YVMRlMaaCt4VlJwQ9nsl06vBmA7f6F_ujGYTPR8NyDgFC3pYIqoKGhPd17nTlnK98kJC_moIl6wljyJOidNuUz2hRevdTWMDzvojTOnlxSHTqSaARdNScAhEW5fCkMRDrEsthgJ5MULOZI70nRnQk-xwcn9657JocgZakTX3VxfEfegVQ4_Q2oJGGsxUTgblwPtg_gtQ5bT_yxwI1j01b80cAJHkcPURsAzjfnObCVmbg70nZYplyZzNI8htJroyTgpTFSyMW1s6tt1UVRr4ojbHR4Kh7PPCuxTVkInnfnzJNhfJdGweQhBxF7Jc_XUHTAN4r4Re8L3sSxI8S3U7XdnTp2ozxJdg1z-lj0OKdx_PH195E3l_BrveGUDjMOwsvKSewV_D0ZgS8X6NrVcmIOhJdoHYO2z8IZKBtAX3Rp6OZ3lc7qSrmxORvN3E4NmsHxgQcUCRqGwc4PpaXEGPBLu0vSn5EAAC6qKqa4FVcn5DgdmEjJiBfWDQK9y4ZZAjMAPkW48SX-FGVtsShLox2k2TeXCmXVseH1WOWNRgolY9qv6r3X2Arz1hjXFPpivPmfWz7AojWSb2ew8ZQeUs3Lc7U1EjXhafKpItUYRT-R2EYWg1Vm2WsQ12C7NAjygNbongnVEPjw8Ns6gt5QMdRA5GViMe5k8mb5NdrCCS4Mq2HzXCTTxyC_K_ugZMEbyS09ggaHd5C3Ccaz3rXqo69TCmYZuqiuX3KG0JQ_vI61nT3urZsxk1QiwaJaeNdBBbwXBmT0PMqi_5hDtNWnEczC36YGKHCirOJ4qeZ3lzGaMS1TBncjVqjaQ1ow-Y5_vbpUmB0aXPMXzqL5plW6qMyDvffg6PdyKhkzioMkVDaAeqtqN-_LAQxM5u69-N73d_NGFzB7m3W33HzU7dffrYnZ_ndKRPEqR-pLzUlrq1GscZ79-TiIHovbNY8rLviQBwKz_iez2b5MJ_za1vlryx3J8kW6BVlO7YZz31L2Pwndvy2LPAWeMTrEU_QbQIgbvZqsSIe9f58aYl_iD8Ey_IW-wBPQW3fr2RgVoJXnrHe-MoehB4oOMgLObHX-Jopvp1NLTjzs5wi-lKUZOZjZPiFJmwD_WO1z_amtvBbzyENckw4fN35GZcZd1m4BXxYgiWQV3rd1nv-5AYC8pk7m-tKMkBZc0iaDbU2VHQTc1A84CqKMMh4R9ZKXyJ3NSZpidE-n5Umu_mWQrqLsbwWu6QeUJUgqsiwuqlj2Jvdt18DyNG4GqKHTQCeazavNkDBOmx7XZO0OW_q3fMd0qNDoM2RpcDvCWBLF64mX-r2v96ye_GLx2HDgN_saQsuAsFPsmuALuFhQNu-e8AklFmBc8fsneE3Xkx7lQCPVvLNHL-GHZmxZEvU06iemg8z2cGyYnwYCanVe0UpwvAgvneqithDUzq7ZAcGlwj1o_TGt7-PXNlfGmSu5_hbsYq8zQx-3cdi_UC0n-Kd-6nRk6Y5zg1p_1E974by_2QHIJCRZk3UNXXZELKCWXzZ26RrCpLoA_fQycD71XRAjWN-QzaWJpCUaqUCf2Iyerc0k0KO9jCIUrWdLeBvYOWqqz5dZJDlNvEVCLuBmLgx0Y5npxiqCJXdzVpE6Fq04kSkjmjeeOqHimLz4lPs5jg8n8zPH9ft0AYchn4kCC11BczwNwlsoJUqfIHfOqqTQWH1gsch_oopX3QreeovuDWaz7WTqkWT529DE6xtSHddz4zwaNQJte7h6VEas5PjI8Sp4-D9_lnLuawEdB56SaibG8yd9MAQ_TgIcPIe16oIuh8GTaYRsK0ZOZ5lAWJuyCzBcPoZJsZwnrsVUHUjlPxEeO8X0hoajcBUsAP3m3LyTWS3N188v1p0ju_eNLVO_HLU5SmKxr348-D6lSWDv0UPfbOb3shUursdxlM_fnQ-mCkSF7o9kbPmKc_9iVmdzS60ZeA_-RH8s4uBZMSel74trnfhevQm3qChJSgrEOVvkyruSGmSE7-2PGEcvGp0I-gefw2K0xsXCSy8-78aYnhXIfA6-Mb1laS-HyoRTuSaUPUHnCQI7RY6VAi4ZuJ8dQr6TBcbY1Ynv-a4FvQammVENK3mYjoLmyQuywGnpay1lfBpE3nsynQ_qNa7opPPsWEwNTkRQduI9t0qM8h8xODXIvG7nDEFCtu7GR56mH-JQEdBkIlK_pKqKdkHzh43xDCAjQUCO1CrWGe3h1XNyCE0wORyF1KlHPbuqK5zNSxFriDkVv8AEeEFxvT5roL1z_HuU5rZ3HtY-ROGnvwHByeK-tKhLxrWqAuYslGeAf3gnm4grRm2vP8AL3RmBWW0A9uWwT3TYutOk75Zh8YDb5e8oPkDdpyZcsYDBUpUFmd-E1tgLhtH2Ac0-xhY-0FHPia8-Ee4_Kwd1EmmsA4gtcaZbMaCkJoZCWoS-GyeqQLmd6HiqRHi5g_vlcO2A0j9AU2AbHn_LBf6JgST3GUlvsnzSYmjVi2RI7fxoziU4Htg-zCsn2cd_pHS_SIYPokhpDUu798ndof2npVTJv7uABOkcrL6mlnj8OqfcBt8ByOH_QPc2VNf6twYxNxw-5OvhuD7P-1RrZjJ1RxoDVCj8Qx0nzObLBNRi5gRjBvF80PtGw&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fshowbizstar.ru%2F&ds=l&xdt=1&iif=1&cor=7146452841508733000&adk=521587874&idt=99&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame FF05 28 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 09:20:28 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FF05 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 09:20:28 GMT

GET
DATA 200
OK truncated
/ Frame FF05 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67269c188734c4a76b48b8b1d99901bfd340ae4af7293c6516cad1ac2bc62362

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B19 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:17:48 GMT
expires: Wed, 01 May 2024 15:17:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F3A4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 569b25e02dcd9275b6dd46bfd1833287f2670730f770153e114dd94bfc6dfbe8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 878F 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 502235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F3A4 0
19 B 83ms
82ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRUXFhi9RZMb4LMjVtwe_uIOQD52T65xw_cWQ6p4R6aDC098VEAEgoZCCLmCV4pCCoAegAfKj-t4DyAEDqQK4Sb-1M2eyPqgDAcgDyQSqBMQBT9BjExDPIYvabHVNMXEVYdyXHlvzrXttuHwT0jp6j_oDh8rapn4prSB7UhZIAmthQpejAKvFqa0Ti_pnlqEeXmR7jq5uGvWx0ieCM2B8W2Sb62GO2P4vFCzOK_rN0RUik3D6VZyEAe3MV3pwcH-JnrEM1fjwGwITVhU0OEMkpUb54M9aGbPjL2l4i1zwhvk3rujWDvnTsjE5ArCinn55oPAfwwBEUnSeoIfYK9jTWZyFtHA2n2MbIO8-SzQCiSVN6qJC2cAEr7S3yKQEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB-KZqx2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDXwQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MDQ2Mjc1NTU1Njc0NzM3GAA&sigh=3cy5q3oxFfE&uach_m=[UACH]&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&vis=1

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B19 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 502235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 aulus-728x90-DE.html Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 8BAD 6 KB
2 KB 128ms
41ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2378
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 22:39:49 GMT
expires: Sun, 28 Apr 2024 22:39:49 GMT
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF05 0
0 198ms
87ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssx-5BfsSJJyPEPswM90wiKvEi6_EuILB_qI8RtOF6RuzkpbEHuErsYKUVd_RY05hMeNUoClOtkxtjr2m_A7EG_5jw5o4aP87DRgP8q1YDAl4ZCmURlA53L0lAF3MjMWxq4WfK2knnQpTpvRAYCT9rTu9ZedfYLBLMFMf7qxyQxjnzmXmSM2cSpDeKv-c1cTjxEmahwzf7OjqRehUg_LDUkPCvo5OHMO39kkTF_gUgQqbMSLIySJfl7-mLijkTgqoESi6ttUMkCg5--taPCa3hnwRdSb174PiOCzOuLEhBWKUKTFmqd1MhkpPbWlp8kvEuDy031P52D9WSoK3jSmCkKnXJOEL4rDPDeQifSCOb5gvF3hVlGi9WyhMUwBZ9oRyfC8dAWRIXYQu7HWyUrLuJwoOaxIHWBqnbhFJd7DnIx00GptbXzhnh56nXyTaQIjSecAzQz4kAO-wKALAkB88EKlrXeWiyki14eAkyAJ5KR0q1uvUdnp6tFCFer6-KjKCgQGpBdXL_s9R7OoXCF4AxQS82SggixtuFi_MJvGSx_sJadoE7Fdl1Ha4QOkU-P_wzG1TOH3KlIK9AGEphu7rA5AmZAk9ZPqbIzF9i3uLIpoiTauvVXolZwdaLiR7O1ezYZj7rdfSlQHI3RmlbXLl58dNw0m8oNKnO7sNcWbHOuT7zaem6ep7PKo7NCZ9O64J_YQ8tTgA33SGUXGFjxBnscZ3K6xUaiVAkm_KEvQBvr9NGsQgSrflfAYTRAqxO-c_r_0ApwKKwGhdXDAlzwTC0z5Dqitrw_DSSRziiz1ixkS-9XS3-6byQ6InayNPR4vTje3fWKBbWxEgyJy10O7CTrf5BdN3_z-47ZDrV6czKdL7MAGRJW2EoCsvPVMyw_yuN7uM_xcwi501kb614sXvl0Qa-ZQhFPItOIFTRqXm09XyNVUQ5ldsDq2momvmvCiMkDqYkBCaMeLbWKgv94wu_IDaIhJJTQzL9fTbqUIbJG_75hAbfAKadIT-Y5OqHMe4yBlf_CBS9QhlPgPr8qiwfdninUa6FTGyQCkoXBv9MoER6K5PXTorwvW14WpcQCNommpGcnNersI49atUlRKTPO9L3fHyWMjG7Iek5BuDgXf9OWr5zUCCS_7bbQT9Im4mMA81Rn_H_KynifsBhrzhH-JF2EwaPLUgZivps&sai=AMfl-YSufXheqaDiQ-A0VpiTMNI4Exs0cl2k2lxWkqvqzVBeZsn3tiSFR0C70S9CAUa89aAIHxl6GSmAAj40fsT6gwnYwczpBR4vIyVjApvhRMG5HIfcc2kni62oUwdPKOTWDVtTdVj1YbTa-IXS1M7xHPJzBs1yHZozKCLhSzCIP-VImoCGx6g&sig=Cg0ArKJSzBCsSjUkxfQuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=174&cisv=r20230426.73527&arae=0&ftch=1&adurl=

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 02 May 2023 15:43:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5995 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 May 2023 15:43:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8BAD 236 KB
63 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 15:43:04 GMT

GET
H3 200 aulus-728x90-DE.js Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 8BAD 142 KB
14 KB 40ms
39ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Apr 2024 16:41:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 696F 42 B
64 B 218ms
139ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYM3qRP2-_Zs8E2h1D0JGKf4TPv-QQMPaL-5MtF3AhNh2-x16FBH91PIeP2UJz45JjdNJ-OKsfE0z3WAIFZmHHwSY&sig=Cg0ArKJSzKlLsgUMXkXkEAE&id=lidar2&mcvt=1015&p=0,0,280,1090&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3079527149&rs=2&la=1&cr=0&vs=4&r=v&rst=1683042182716&rpt=665&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B19 0
20 B 150ms
147ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIcqPiC9RZNsTxPPfA_Dcm-gNAAAAADgB4AQC&bg=!eHuley_NAAb9Sbh13Uk7ADkAdvg8Wutpk2GYqBqQVh87F_ErLNj2ktn50izH4rZj6HcGEtAtr5OFUuRnGHrfG-2yDXRghyZSRTYCAAAAcFIAAAAJaAEHmQM396aOJ2jOr3xxqJdGOiW7BKgKAQ2hAfvghbyo93cBWYuksGAz0uhDQHgtMt7Ns9VC7HpdtNEzXxkUKTqlHVgRTpVMtom4TcP59-DG0mTKtNVIec7g5UB7zPAJFuc0AeOt1JwwOKMjdzmr41W2pXuG8O2SRuMru5rNE_lyf-kUC4XLAFei2qYJkpeA4XAK2gwLKA6tb02MWykxGR99rQqUa_BfPOYyVlTk98DJqYk64AaSpar659OHkXjrtK7NSDC2xFSv_XeRu5gKs3tmNvWFixusSIwFQJY-4J87T1acCsvU6delMwjkyywItnc0JhFboVGIMk_3I6d6lc2BU2r7hGvZjwLiyUQQiIUbX3i2QH2JanMnO7E5FEr7tBE5jggKzy0rbYOfMaLSENhlahvPI4HJd5fgNthhaXpgIx6P3TqMVJT8QEA8qO_xnofIHhhb9uzKF7eKM9CO8VWkh4YNi6qiNOd9F3gMpjgfZP4kYTSYRIGxXzIG46DiluTF3I1NjiYM_3quOQ3UDXgzNu4-2mMf8C3x9BCN4W2zalteKWTtk3kYDZ1QCH9sLz2MlC7iZb1EDssqTAjf3WR-LqDxHaVumq8UPdnpb7YYmGR5sKsOeJy2lAPOHof6mUy84u9IYl-qOUN3jpIkPzmOtAzjq_LgjmCPmueq89HKPJz51XFO9MEh_gljGngOlpW6_V-WI0wTp4IHBVGojHktGDtqPh3ml4ojXizGGK-xx9CmmXk9O2qvG5EmzLwycVteUgWesdnIkvqmc4zyeRh69b-7y2c6CA-CC3t6a8iv9ZYeKouL7VR88oSnFNJkhfsvNgSb0-rvWcVMs6Eo5OLZBwADXXGWUzm9k2un8SJPV1SGNd7kySXWkd8zAeeL1H9Gf3NHUsuBRJ4FcpJLKMqo3SIkbqx0MnaO5CCxXjrW5ueX4ybPHLQeHLfGZJCOB8b2JQgvkf3mPRZFtykyndCKPCOSLZqIKEQ1n0t-x6U0Q2LyodrscFWDlpocbk3zQjdO8Z8i7QtdeBh1f8oJo3RMP4fcIKTME-73MaMfIEorgKx2549yLQb4N22h1I8zk67vpauYBivvHjkbXw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aulus_728x90_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/11207411921136063200/images/ Frame 8BAD 2 MB
2 MB 42ms
41ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/images/aulus_728x90_DE_atlas_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:31:26 GMT
x-content-type-options: nosniff
age: 234698
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173118
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 22:31:26 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF05 0
0 76ms
75ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssx-5BfsSJJyPEPswM90wiKvEi6_EuILB_qI8RtOF6RuzkpbEHuErsYKUVd_RY05hMeNUoClOtkxtjr2m_A7EG_5jw5o4aP87DRgP8q1YDAl4ZCmURlA53L0lAF3MjMWxq4WfK2knnQpTpvRAYCT9rTu9ZedfYLBLMFMf7qxyQxjnzmXmSM2cSpDeKv-c1cTjxEmahwzf7OjqRehUg_LDUkPCvo5OHMO39kkTF_gUgQqbMSLIySJfl7-mLijkTgqoESi6ttUMkCg5--taPCa3hnwRdSb174PiOCzOuLEhBWKUKTFmqd1MhkpPbWlp8kvEuDy031P52D9WSoK3jSmCkKnXJOEL4rDPDeQifSCOb5gvF3hVlGi9WyhMUwBZ9oRyfC8dAWRIXYQu7HWyUrLuJwoOaxIHWBqnbhFJd7DnIx00GptbXzhnh56nXyTaQIjSecAzQz4kAO-wKALAkB88EKlrXeWiyki14eAkyAJ5KR0q1uvUdnp6tFCFer6-KjKCgQGpBdXL_s9R7OoXCF4AxQS82SggixtuFi_MJvGSx_sJadoE7Fdl1Ha4QOkU-P_wzG1TOH3KlIK9AGEphu7rA5AmZAk9ZPqbIzF9i3uLIpoiTauvVXolZwdaLiR7O1ezYZj7rdfSlQHI3RmlbXLl58dNw0m8oNKnO7sNcWbHOuT7zaem6ep7PKo7NCZ9O64J_YQ8tTgA33SGUXGFjxBnscZ3K6xUaiVAkm_KEvQBvr9NGsQgSrflfAYTRAqxO-c_r_0ApwKKwGhdXDAlzwTC0z5Dqitrw_DSSRziiz1ixkS-9XS3-6byQ6InayNPR4vTje3fWKBbWxEgyJy10O7CTrf5BdN3_z-47ZDrV6czKdL7MAGRJW2EoCsvPVMyw_yuN7uM_xcwi501kb614sXvl0Qa-ZQhFPItOIFTRqXm09XyNVUQ5ldsDq2momvmvCiMkDqYkBCaMeLbWKgv94wu_IDaIhJJTQzL9fTbqUIbJG_75hAbfAKadIT-Y5OqHMe4yBlf_CBS9QhlPgPr8qiwfdninUa6FTGyQCkoXBv9MoER6K5PXTorwvW14WpcQCNommpGcnNersI49atUlRKTPO9L3fHyWMjG7Iek5BuDgXf9OWr5zUCCS_7bbQT9Im4mMA81Rn_H_KynifsBhrzhH-JF2EwaPLUgZivps&sai=AMfl-YSufXheqaDiQ-A0VpiTMNI4Exs0cl2k2lxWkqvqzVBeZsn3tiSFR0C70S9CAUa89aAIHxl6GSmAAj40fsT6gwnYwczpBR4vIyVjApvhRMG5HIfcc2kni62oUwdPKOTWDVtTdVj1YbTa-IXS1M7xHPJzBs1yHZozKCLhSzCIP-VImoCGx6g&sig=Cg0ArKJSzBCsSjUkxfQuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=436&vt=11&dtpt=257&dett=3&cstd=174&cisv=r20230426.73527&arae=0&ftch=1&adurl=

Requested by

Host: showbizstar.ru
URL: http://showbizstar.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 15:43:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
87ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdcee888032df2709f5e05a19b50a097665b34f0c9e8d5efa01f8ddf89af0fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11120
x-xss-protection: 0

GET
H2 200 %D0%BC%D0%B5%D0%BD%D1%8C%D1%88%D0%B8%D0%BA%D0%BE%D0%B23-330x140.jpg
showbizstar.ru/wp-content/uploads/2021/07/ 8 KB
8 KB 56ms
56ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2021/07/%D0%BC%D0%B5%D0%BD%D1%8C%D1%88%D0%B8%D0%BA%D0%BE%D0%B23-330x140.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f452f43e94619df02e38ca31500f265641541e9a06c89f3e0485cba8dd0035e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
last-modified: Mon, 12 Jul 2021 15:05:19 GMT
server: nginx-reuseport/1.21.1
etag: "60ec5a2f-209a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8346
expires: Thu, 01 Jun 2023 15:43:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 May 2023 15:43:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D222 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:12:26 GMT
expires: Wed, 01 May 2024 15:12:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8DD4 783 B
969 B 49ms
47ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53e897e8d232c0aae8eed18b047f1fed63ce70f3a886ae36682712ea2898befb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jquAAcU1vkebrzaZ90hi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://showbizstar.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-jquAAcU1vkebrzaZ90hi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:43:04 GMT
expires: Tue, 02 May 2023 15:43:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame D222 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 502235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD4 0
0 139ms
138ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=3649869842442817&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 Kendall-Jenner-3-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/ 11 KB
11 KB 57ms
56ms Image
image/jpeg 87.236.16.118
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showbizstar.ru/wp-content/uploads/2023/05/Kendall-Jenner-3-330x140.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.oscar1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 40e10f5100459ee5b1152009e90b790d5481b3c4e229f7012fecff548060ec97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
last-modified: Tue, 02 May 2023 10:57:05 GMT
server: nginx-reuseport/1.21.1
etag: "6450ec81-2d12"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11538
expires: Thu, 01 Jun 2023 15:43:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D222 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mcqPbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:43:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3A4 42 B
64 B 144ms
144ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuliKPRJ2gf0hfCftxZmUijPkcpdEpSHgsNi1wSplMONHNKTAH-3ag-7yrw65tx_oQaLesmU85N8b5tVC70G-iKm7GB4kDuoHDrEJ4maGs7dQyZaJo3C-fRVoRwucaBRm_OKSoWFA&sai=AMfl-YQt1UxMrkViaqioS1B_bfXvHFB-xrMKHw818EnppeHiry1CGwoTnEPwHOiHfRrEl7Il59W5qj1SXvMw&sig=Cg0ArKJSzLpi9nrwhzL1EAE&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1683042183660&rpt=302&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF05 42 B
64 B 142ms
141ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA5TXyjnHBb9GIF-6gbw5IqeSc1vdWMWxJUFKEh-BsPeiqv6LAfItXdqsYge8lKv0955WQEa5sBGbcx8YL4XDu9yN6p0LpbQmF0FLYMia9RhIQc9ARS_ZPbnFE&sai=AMfl-YQhoX5cF9yn_rfTjd3jGI7qqeB6ULWzyCUweSfz8Q2VfydN4THOUIE3mgiG42g7x858cpbiVxX0BX9q&sig=Cg0ArKJSzFCrG0Chdo3JEAE&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=570,1002,1002,1002,1002&tos=570,432,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1683042183788&rpt=434&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 145ms
144ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=3649869842442817&bg=!SkmlSR3NAAb9Sbh13Uk7ADkAdvg8WpVpNY3vafyLsen4PzOmXlwJ73ehI9yGdOR-0EXLjvPxdk6gMcpflYZHBKIHpJbMSqY0Z3ACAAAAn1IAAAACaAEHmQLY01MuhBK86JdYv0IH9rHNQpPxzBQrdxauPkXiBaQKnb_518B-s54qe5yKu8IjP4rqWypck4Ozjrq2WK7cxocIePo163y4soNxgF4Ra2_tombsshK_cTBSFHUXZNzX8G-K3k1MLA3PKWgru7mjKzkYSv1wDai5uzhBrgdCOH7F3GDhgXbgO1b6QGs4cfqVN4gz5Hj8Zu94zOyONay2eISEa2LAq1sl0WLB7LDwm5so5fk5uNevTJpUpFA39acAh4BBIdDlKMgJFU4b7hBwQomXmIn9RhNFkDoSHBr26T8bjT5b84qDruhT2Lt74Gxf9DWv2nEyEad5OhUEQIxR5w24i5Z0uR8a8SIjfvrIVeWJhYa6ENZp1wQPRg4F2t343DaSbkRbXN9WHOQ7iS-bfvruHD3a8smxgAeWp4CO44gsfXMuYDBaWGf1gQajRDEmpqZrtpqo7dXmxuGhe9SVr3PD8L78WHcnRsQmATlwWUj5nZeY77n8gFcAWYjqNgSTJsV01yZ-ePx3Q5reQa-V3HEgiIApPsR11yK4cxulAVpwhFYedOPXIo2I3dKmLTdTBkraHp119FgMzwulMOhdvk21mP1TSmtuNZ0wODQmo7TD_o3peB51AV2r6tB2y5JnYDz641gsnxMT2CGLSjIMDzxXP9h_Yl2JX-A9YvEM21fHG-ebbKtGuhFMarYD7g6FsjsW6tVCjr23utURl-6cSFB2vEvfIvxh6abutBNW7TC46q8qunEx7VqtdikXgXLpDYSpDI-medUTsjRXYUOJNXcTet0vcyc3e8p31xuXyBe3hUz0L-D59jfLhbcvAOll0UK8_Om5cWe1bXFnWHzKprq0juDjVk2bjrnlFZKfAneesLO0R3ubH9062PLCERyvpNcLdbdWKQpSShAuThM842IqmcWN7IqbsrzTLn_mpMe3deEij8oPuucmVq3mk4ji3f4N_MeQ2fCcJ5M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizstar.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3397626113560&version=m202301230201&ct=119&x=1&cor=7146452841508733000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:43:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.showbizstar.ru/	1970-01-20 21:06:42	Name: _ga_WN83Y015T5 Value: GS1.1.1683042182.1.0.1683042182.0.0.0
.showbizstar.ru/	1970-01-20 21:06:42	Name: _ga Value: GA1.2.1354988519.1683042183
.showbizstar.ru/	1970-01-20 11:32:08	Name: _gid Value: GA1.2.928805372.1683042183
.showbizstar.ru/	1970-01-20 11:30:42	Name: _gat_gtag_UA_200606446_1 Value: 1
.showbizstar.ru/	1970-01-20 20:52:18	Name: __gads Value: ID=eab98f321305df44-227214fab7dd00c0:T=1683042182:RT=1683042182:S=ALNI_MZwonmplgMuDsjysrG9KqqocZn1-A
.showbizstar.ru/	1970-01-20 20:52:18	Name: __gpi Value: UID=00000bf4e48886e1:T=1683042182:RT=1683042182:S=ALNI_MZhxAPZZC8GON3e-5E2BUyLYOmqxw
.doubleclick.net/	1970-01-20 20:52:18	Name: IDE Value: AHWqTUngRJ0yjA5RA0nsUbMlgycIgezTZp4t13u-Re_8bl7a1f6ybnUrDVN4D-c9wkM
.casalemedia.com/	1970-01-20 20:16:18	Name: CMID Value: ZFEvh.12LSE9NPxVh5auCgAA
.casalemedia.com/	1970-01-20 13:40:18	Name: CMPS Value: 5201
.casalemedia.com/	1970-01-20 13:40:18	Name: CMPRO Value: 5201
.adnxs.com/	1970-01-20 13:40:18	Name: uuid2 Value: 1143092965831524129
.adnxs.com/	1970-01-20 13:40:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$GCky=0!@wnfH8K6pQK`!5=E<L5?%KNkChA^f@bXnh-L0a5d-U1`HP2@A1sYUS`]!%nugO%v4VB%nlFD)c^q$
.doubleclick.net/	1970-01-20 11:30:45	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
showbizstar.ru
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.186.34
178.250.1.6
185.80.39.216
185.89.210.180
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:800::2004
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::c
87.236.16.118
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09df6a6552e9ec0a635e7122ccc7d4c99ae36176c1c84ed34bda715ce29b0695
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
108d4173838f9a382cf7d7f380bc034375ad25d28ca4e5ff0e25898c21a29030
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19e108654cdad8d8c68a56b51a36b7412d0f1a5b3062d8f0dcef455e193fa324
1f63d37176e96d3a8468c7664a0a72d314f934c075bdf5c9d0eaa04a94bb94a6
21b54f30b2790a8254cb82b3b32645dfb5c6c7dd669767c62ce2d26e07301de7
251401c02761c0d8df753e9afaeedbacb107a74a57728aa5116044dc8bf4e79a
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
29aab4e8ef36ac96b31bfdc7625207d595e2e0eb03dafe40c8beea0f58faae4e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cf2901ad1e74d326075770da72eb99ec5d628dbe603d13a296c79021c6f1965
2d8b6b74824a19961f715e79bb50029065b1aa5c81428e5b47fd1ccc854a477f
3064985f885077e29c807522c002a661513396d58bdc3c1d4f21052812326d85
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34566586b3286863c27e440e6f4a3c996f81ce53ba7eac835ae73ef537c66d96
3e34a2ad74039bbe3d9878c92bef7d872fdef7b72d3d37123ea452f6cc70b546
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
40e10f5100459ee5b1152009e90b790d5481b3c4e229f7012fecff548060ec97
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
46eb2c66cea96d8f2ff202f45b92c2590b4a98fc32b7a8c13d9ff7caddc29b8d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6d0852e50ee0a548650e749858af9b0e5154a463f5c0e60839efb931e8dc45
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53e897e8d232c0aae8eed18b047f1fed63ce70f3a886ae36682712ea2898befb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b25e02dcd9275b6dd46bfd1833287f2670730f770153e114dd94bfc6dfbe8
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d219084b8cb14eb52e6081812e02d005a0f38830ef66f4f754319995913703
67269c188734c4a76b48b8b1d99901bfd340ae4af7293c6516cad1ac2bc62362
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c229d6173666048f0654945567c56d6d159e3ec383b914c220ff68d26d8fdbc
6e64c296ec03016c7f655e77f99d655a71e2e98a4dc3613774c2a92fac79b77b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b32ba1353f8afe9c76396d3f7693e2b88e03a42193df47eccb62d775647e31
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
766c3d2bef584e25a10c0268e288ed28a8dc689351782db792a246e3a7c35d05
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
7ad5a67597b873ba56a2f16364ac27d3626339da13749059f44cfc62d17e01a6
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
846498b01abdb8f4be4e0806ff5144ca647e1ab278c570af13ffc9dafa345068
86423a6ca95e0453e3411953509af199ad1504fb91cc13b567021e7abeed683c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f99bc8844fcea57f0e84019376b273077e20f295ef256612ea557d3a6f2cd51
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9ea027ac2c8047e44a569d1625acb59c1e4f25a484de0bbd053ef1eb5d490f96
9ecf36623d7ae48b3b1dda4f4d66966a2f062e2b754fd79d0fa63f8898947837
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0034a8a0b3a99a5eec395ba97f4af69bb4dc4e0b560663cccea314501f9ac2a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a440695e0a007d2ca741bbae89df69d572544c20f3da597531c42b4a856474d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba50339919a90068858c8ef567edba5d9e31a0572f1a818fad26c6300b52610c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdcee888032df2709f5e05a19b50a097665b34f0c9e8d5efa01f8ddf89af0fc7
bdeaf8670e736c57d2205cf898e02ad5bd71320a3c0dc0fb6676d12033b61db7
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d509c6a9542e235d1451c1215f69357c70dc358c33dab1f92ea929d19edc9829
d60d4a9508ed8edf15bde82fee4869abfa7d5f12671cdd002a7630304068d6c5
d627d5f88f86813c582ecb5622da7243ab3327ebf83db188fd5211643ca5e6a8
d69525c9d86a15cbe0863330ce2f39ede18ab33fd593117cc7955fa3a899d083
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9d7a127e58c45ac16c95f2635500671e9b93bd932361f0dedeb085354d2d422
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
ddccbab392901d3cf7568f12976be1a9843afec38283c7d77c1f711eb4f8fc83
dfce7661990990ec6c1d5b9fc81ff67472dc95e685198a2a02d3d775d90ea75e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e448f424e7e314ecb9ea1b1bf0e3337b6c7441886c563f7e98ea7da0a233e54d
e7ac8c213a39acac1c68e7764de0275c26a2ef93eab2ef8c91f542d65c230cfb
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e911424c07e0ce6aaaa9a92dbb80599bd7907400f1d42b990551c2fda16926ba
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ed5b054b3d1d550e89618cfea32ea7d54d7b9b5cdb3294c77232fa3383a47c8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f452f43e94619df02e38ca31500f265641541e9a06c89f3e0485cba8dd0035e5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

showbizstar.ru Open in urlscan Pro 87.236.16.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

88 %HTTPS

77 %IPv6

17 Domains

27 Subdomains

27 IPs

5 Countries

4762 kBTransfer

7767 kBSize

13 Cookies

0 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

showbizstar.ru Open in urlscan Pro
87.236.16.118 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

88 %
HTTPS

77 %
IPv6

17
Domains

27
Subdomains

27
IPs

5
Countries

4762 kB
Transfer

7767 kB
Size

13
Cookies

158 HTTP transactions
10 data transactions