URL: http://showbizstar.ru/
Submission: On May 02 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 158 HTTP transactions. The main IP is 87.236.16.118, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is showbizstar.ru.
This is the only time showbizstar.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 87.236.16.118 198610 (BEGET-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
21 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
21 2a02:2638:d::2 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 4 142.250.186.34 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
3 4 185.89.210.180 29990 (ASN-APPNEX)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
158 27
Apex Domain
Subdomains
Transfer
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
617 KB
31 showbizstar.ru
showbizstar.ru
939 KB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652
csm.eu.criteo.net — Cisco Umbrella Rank: 6433
214 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
142 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
93 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
245 KB
5 criteo.com
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13760
ads.eu.criteo.com — Cisco Umbrella Rank: 6413
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248
102 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
3 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
21 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
10 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
696 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
133 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
608 B
158 17
Domain Requested by
31 showbizstar.ru showbizstar.ru
22 pagead2.googlesyndication.com showbizstar.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
21 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
21 tpc.googlesyndication.com googleads.g.doubleclick.net
showbizstar.ru
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
showbizstar.ru
5 s0.2mdn.net showbizstar.ru
s0.2mdn.net
googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
showbizstar.ru
5 fonts.gstatic.com fonts.googleapis.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 imageproxy.eu.criteo.net ads.eu.criteo.com
3 csm.eu.criteo.net ads.eu.criteo.com
2 googleads4.g.doubleclick.net showbizstar.ru
2 www.google.com 1 redirects tpc.googlesyndication.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com showbizstar.ru
www.googletagmanager.com
2 fonts.googleapis.com showbizstar.ru
googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
158 27

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
showbizstar.ru
R3
2023-04-16 -
2023-07-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2023-06-25
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-04 -
2023-06-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-14 -
2023-06-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-26 -
2023-06-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh

This page contains 19 frames:

Primary Page: http://showbizstar.ru/
Frame ID: E025B8A3E4A414F281B4A922ABB8243B
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: 0EE62C34157627130277DE45BEDF5A7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&adk=1812271804&adf=3025194257&lmt=1683042182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fshowbizstar.ru%2F&ea=0&pra=5&wgl=1&dt=1683042182450&bpp=3&bdt=447&idt=195&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=913133703214&frm=20&pv=2&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: AE040C8979570E6227E02A77CEC0C140
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Frame ID: 696F7058AFFBAE7971A632A15BA69718
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Frame ID: 5BAB6F6EF976295B1F119100C7B5418B
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Frame ID: 599566B0371171339CC248164126AB9A
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: AB32ADBA7F9DE765E5453CC935C9E38A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: A00DE90EF0879771A07AE9CADA9D3C57
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3A41B1BF26039AE9D734190E3ABA85F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBB0C883D22A957B52961D1D8378A182
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Frame ID: 60997968A81218876015DFE4DC90A2EE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Frame ID: EEB5AD2367A2A251158553F1B010C259
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FF0577ECDAF7456910EB106817F55467
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B8DDC6BEB48306C2769E64FD457AD1C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B19EE5C2881BD315E07E0E622B40C96
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 878F421809E7018C0185B282B503E8AB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Frame ID: 8BADF9D0648C769AE6CC73B5FE81A8C4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D222DBDA8755C1CA1916612000B51BD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD43BAC4B6D4523E36C7565B227F6CE
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Show Biz Star - WOW info

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

158
Requests

88 %
HTTPS

77 %
IPv6

17
Domains

27
Subdomains

27
IPs

5
Countries

4762 kB
Transfer

7767 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFEvh.12LSE9NPxVh5auCgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED-1Iar4g9F9wGMZkDex6EM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D
Request Chain 131
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

158 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
showbizstar.ru/
109 KB
15 KB
Document
General
Full URL
http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash
2cf2901ad1e74d326075770da72eb99ec5d628dbe603d13a296c79021c6f1965

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
15225
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 May 2023 15:43:01 GMT
Keep-Alive
timeout=30
Link
<https://showbizstar.ru/wp-json/>; rel="https://api.w.org/"
Server
nginx-reuseport/1.21.1
Vary
Accept-Encoding,Cookie
X-Powered-By
PHP/7.4.33
style.min.css
showbizstar.ru/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
http://showbizstar.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 09:32:47 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6425573f-17ced"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
classic-themes.min.css
showbizstar.ru/wp-includes/css/
291 B
597 B
Stylesheet
General
Full URL
http://showbizstar.ru/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 09:32:47 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6425573f-123"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddccbab392901d3cf7568f12976be1a9843afec38283c7d77c1f711eb4f8fc83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:47:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 15:43:02 GMT
style.min.css
showbizstar.ru/wp-content/themes/root/assets/css/
163 KB
33 KB
Stylesheet
General
Full URL
http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
3e34a2ad74039bbe3d9878c92bef7d872fdef7b72d3d37123ea452f6cc70b546

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"63624904-28a9a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
jquery.min.js
showbizstar.ru/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
http://showbizstar.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 09:32:45 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6425573d-15ed7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
jquery-migrate.min.js
showbizstar.ru/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
http://showbizstar.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 09:32:45 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6425573d-3470"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
fontawesome-webfont.ttf
showbizstar.ru/wp-content/themes/root/fonts/
162 KB
162 KB
Font
General
Full URL
http://showbizstar.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer
http://showbizstar.ru/
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
"63624904-286ac"
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
165548
Expires
Thu, 01 Jun 2023 15:43:02 GMT
js
www.googletagmanager.com/gtag/
167 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-200606446-1
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba50339919a90068858c8ef567edba5d9e31a0572f1a818fad26c6300b52610c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62294
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 15:43:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e448f424e7e314ecb9ea1b1bf0e3337b6c7441886c563f7e98ea7da0a233e54d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47421
x-xss-protection
0
server
cafe
etag
3263224297042763496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:02 GMT
wp-emoji-release.min.js
showbizstar.ru/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
http://showbizstar.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 09:32:45 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6425573d-4904"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
swiper.min.js
showbizstar.ru/wp-content/themes/root/assets/js/plugins/
122 KB
32 KB
Script
General
Full URL
http://showbizstar.ru/wp-content/themes/root/assets/js/plugins/swiper.min.js?ver=3.1.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
d509c6a9542e235d1451c1215f69357c70dc358c33dab1f92ea929d19edc9829

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"63624904-1e63a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
lightbox.min.js
showbizstar.ru/wp-content/themes/root/assets/js/plugins/
2 KB
1 KB
Script
General
Full URL
http://showbizstar.ru/wp-content/themes/root/assets/js/plugins/lightbox.min.js?ver=3.1.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"63624904-616"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
scripts.min.js
showbizstar.ru/wp-content/themes/root/assets/js/
7 KB
3 KB
Script
General
Full URL
http://showbizstar.ru/wp-content/themes/root/assets/js/scripts.min.js?ver=3.1.2
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"63624904-1d5e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
frontend.min.js
showbizstar.ru/wp-content/plugins/q2w3-fixed-widget/js/
23 KB
6 KB
Script
General
Full URL
http://showbizstar.ru/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 17:35:05 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"6384f149-5b89"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
smush-lazy-load.min.js
showbizstar.ru/wp-content/plugins/wp-smushit/app/assets/js/
8 KB
4 KB
Script
General
Full URL
http://showbizstar.ru/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 17:35:14 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"640a18d2-1ef2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Tue, 09 May 2023 15:43:02 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
showbizstar.jpg
showbizstar.ru/wp-content/uploads/2021/04/
38 KB
39 KB
Image
General
Full URL
http://showbizstar.ru/wp-content/uploads/2021/04/showbizstar.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
21b54f30b2790a8254cb82b3b32645dfb5c6c7dd669767c62ce2d26e07301de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Last-Modified
Sat, 17 Apr 2021 12:59:24 GMT
Server
nginx-reuseport/1.21.1
ETag
"607adbac-9945"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
39237
Expires
Thu, 01 Jun 2023 15:43:02 GMT
showbizstar1.jpg
showbizstar.ru/wp-content/uploads/2021/04/
43 KB
43 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2021/04/showbizstar1.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
9ea027ac2c8047e44a569d1625acb59c1e4f25a484de0bbd053ef1eb5d490f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Sat, 17 Apr 2021 13:05:06 GMT
server
nginx-reuseport/1.21.1
etag
"607add02-ac1b"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
44059
expires
Thu, 01 Jun 2023 15:43:02 GMT
truncated
/
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
Paris-Hilton.webp
showbizstar.ru/wp-content/uploads/2023/05/
147 KB
147 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Paris-Hilton.webp
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
766c3d2bef584e25a10c0268e288ed28a8dc689351782db792a246e3a7c35d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:35:33 GMT
server
nginx-reuseport/1.21.1
etag
"645111a5-24a48"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
150088
expires
Thu, 01 Jun 2023 15:43:02 GMT
abandoned-dog-finally-finds-a-home4.jpg
showbizstar.ru/wp-content/uploads/2023/05/
50 KB
50 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/abandoned-dog-finally-finds-a-home4.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
6c229d6173666048f0654945567c56d6d159e3ec383b914c220ff68d26d8fdbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:22:26 GMT
server
nginx-reuseport/1.21.1
etag
"64510e92-c6c5"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
50885
expires
Thu, 01 Jun 2023 15:43:02 GMT
Olivia-Wilde.jpg
showbizstar.ru/wp-content/uploads/2023/05/
82 KB
83 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Olivia-Wilde.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
d60d4a9508ed8edf15bde82fee4869abfa7d5f12671cdd002a7630304068d6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:11:45 GMT
server
nginx-reuseport/1.21.1
etag
"64510c11-14904"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
84228
expires
Thu, 01 Jun 2023 15:43:02 GMT
cat-walks-24-miles-to-return-to-his-birthplace-1.jpg
showbizstar.ru/wp-content/uploads/2023/05/
55 KB
55 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/cat-walks-24-miles-to-return-to-his-birthplace-1.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
8f99bc8844fcea57f0e84019376b273077e20f295ef256612ea557d3a6f2cd51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 12:54:56 GMT
server
nginx-reuseport/1.21.1
etag
"64510820-dce1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
56545
expires
Thu, 01 Jun 2023 15:43:02 GMT
Kendall-Jenner-3.jpg
showbizstar.ru/wp-content/uploads/2023/05/
44 KB
45 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Kendall-Jenner-3.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
e911424c07e0ce6aaaa9a92dbb80599bd7907400f1d42b990551c2fda16926ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 10:57:03 GMT
server
nginx-reuseport/1.21.1
etag
"6450ec7f-b176"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45430
expires
Thu, 01 Jun 2023 15:43:02 GMT
truncated
/
152 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
150 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 10:21:35 GMT
x-content-type-options
nosniff
age
364887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 10:21:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
292818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
293567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:10:15 GMT
fontawesome-webfont.woff2
showbizstar.ru/wp-content/themes/root/fonts/
75 KB
76 KB
Font
General
Full URL
http://showbizstar.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Protocol
HTTP/1.1
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
http://showbizstar.ru/wp-content/themes/root/assets/css/style.min.css?ver=3.1.2
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 15:43:02 GMT
Last-Modified
Wed, 02 Nov 2022 10:40:04 GMT
Server
nginx-reuseport/1.21.1
ETag
"63624904-12d68"
Content-Type
application/font-woff2
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
77160
Expires
Thu, 01 Jun 2023 15:43:02 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://showbizstar.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 21:11:38 GMT
x-content-type-options
nosniff
age
239484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 21:11:38 GMT
Paris-Hilton-330x140.webp
showbizstar.ru/wp-content/uploads/2023/05/
13 KB
13 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Paris-Hilton-330x140.webp
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
d69525c9d86a15cbe0863330ce2f39ede18ab33fd593117cc7955fa3a899d083

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:35:33 GMT
server
nginx-reuseport/1.21.1
etag
"645111a5-3478"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13432
expires
Thu, 01 Jun 2023 15:43:02 GMT
abandoned-dog-finally-finds-a-home4-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/
9 KB
9 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/abandoned-dog-finally-finds-a-home4-330x140.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
72b32ba1353f8afe9c76396d3f7693e2b88e03a42193df47eccb62d775647e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:22:27 GMT
server
nginx-reuseport/1.21.1
etag
"64510e93-2286"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8838
expires
Thu, 01 Jun 2023 15:43:02 GMT
miley-cyrus-topless-music-video-spl-ftr-330x140.webp
showbizstar.ru/wp-content/uploads/2023/01/
7 KB
7 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/01/miley-cyrus-topless-music-video-spl-ftr-330x140.webp
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
bdeaf8670e736c57d2205cf898e02ad5bd71320a3c0dc0fb6676d12033b61db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 10 Jan 2023 13:08:14 GMT
server
nginx-reuseport/1.21.1
etag
"63bd633e-1ad4"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6868
expires
Thu, 01 Jun 2023 15:43:02 GMT
%D0%BC%D0%B8%D1%85%D0%B0%D0%B8%D0%BB-%D0%B5%D1%84%D1%80%D0%B5%D0%BC%D0%BE%D0%B2-330x140.jpg
showbizstar.ru/wp-content/uploads/2021/04/
7 KB
7 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2021/04/%D0%BC%D0%B8%D1%85%D0%B0%D0%B8%D0%BB-%D0%B5%D1%84%D1%80%D0%B5%D0%BC%D0%BE%D0%B2-330x140.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
1f63d37176e96d3a8468c7664a0a72d314f934c075bdf5c9d0eaa04a94bb94a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Mon, 26 Apr 2021 13:26:35 GMT
server
nginx-reuseport/1.21.1
etag
"6086bf8b-1ac8"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6856
expires
Thu, 01 Jun 2023 15:43:02 GMT
756736017412825-330x140.webp
showbizstar.ru/wp-content/uploads/2023/01/
5 KB
6 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/01/756736017412825-330x140.webp
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
e7ac8c213a39acac1c68e7764de0275c26a2ef93eab2ef8c91f542d65c230cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Fri, 13 Jan 2023 15:19:03 GMT
server
nginx-reuseport/1.21.1
etag
"63c17667-1556"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5462
expires
Thu, 01 Jun 2023 15:43:02 GMT
%D0%BB2-1-330x140.jpg
showbizstar.ru/wp-content/uploads/2022/12/
8 KB
9 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2022/12/%D0%BB2-1-330x140.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
46eb2c66cea96d8f2ff202f45b92c2590b4a98fc32b7a8c13d9ff7caddc29b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Thu, 15 Dec 2022 16:23:45 GMT
server
nginx-reuseport/1.21.1
etag
"639b4a11-2167"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8551
expires
Thu, 01 Jun 2023 15:43:02 GMT
js
www.googletagmanager.com/gtag/
201 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WN83Y015T5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200606446-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64d219084b8cb14eb52e6081812e02d005a0f38830ef66f4f754319995913703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73554
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 May 2023 15:43:02 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200606446-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 May 2023 15:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2278
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 02 May 2023 17:05:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/
354 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d8b6b74824a19961f715e79bb50029065b1aa5c81428e5b47fd1ccc854a477f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122007
x-xss-protection
0
server
cafe
etag
15806578441566201593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 0EE6
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 06:47:45 GMT
etag
2378337311435320485
expires
Tue, 16 May 2023 06:47:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WN83Y015T5&gtm=45je34q0h1&_p=1240913754&cid=1354988519.1683042183&ul=en-us&sr=1600x1200&ir=1&_eu=EA&_s=1&sid=1683042182&sct=1&seg=0&dl=http%3A%2F%2Fshowbizstar.ru%2F&dt=Show%20Biz%20Star%20-%20WOW%20info&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WN83Y015T5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://showbizstar.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Olivia-Wilde-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/
9 KB
9 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Olivia-Wilde-330x140.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
34566586b3286863c27e440e6f4a3c996f81ce53ba7eac835ae73ef537c66d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 13:11:45 GMT
server
nginx-reuseport/1.21.1
etag
"64510c11-2296"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8854
expires
Thu, 01 Jun 2023 15:43:02 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1240913754&t=pageview&_s=1&dl=http%3A%2F%2Fshowbizstar.ru%2F&ul=en-us&de=UTF-8&dt=Show%20Biz%20Star%20-%20WOW%20info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=99307243&gjid=1806167725&cid=1354988519.1683042183&tid=UA-200606446-1&_gid=928805372.1683042183&_r=1&gtm=457e34q0h1&jsscut=1&z=583709095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://showbizstar.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://showbizstar.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
395 B
608 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=showbizstar.ru&callback=_gfp_s_&client=ca-pub-8046275555674737
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ad5a67597b873ba56a2f16364ac27d3626339da13749059f44cfc62d17e01a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=showbizstar.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=showbizstar.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE04
176 KB
44 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&adk=1812271804&adf=3025194257&lmt=1683042182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fshowbizstar.ru%2F&ea=0&pra=5&wgl=1&dt=1683042182450&bpp=3&bdt=447&idt=195&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=913133703214&frm=20&pv=2&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
251401c02761c0d8df753e9afaeedbacb107a74a57728aa5116044dc8bf4e79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44935
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Tue, 02 May 2023 15:43:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 696F
23 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfce7661990990ec6c1d5b9fc81ff67472dc95e685198a2a02d3d775d90ea75e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
9986
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Tue, 02 May 2023 15:43:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5BAB
104 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed5b054b3d1d550e89618cfea32ea7d54d7b9b5cdb3294c77232fa3383a47c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34974
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Tue, 02 May 2023 15:43:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cat-walks-24-miles-to-return-to-his-birthplace-1-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/
12 KB
12 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/cat-walks-24-miles-to-return-to-his-birthplace-1-330x140.jpg
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
a0034a8a0b3a99a5eec395ba97f4af69bb4dc4e0b560663cccea314501f9ac2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
last-modified
Tue, 02 May 2023 12:54:57 GMT
server
nginx-reuseport/1.21.1
etag
"64510821-2f34"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12084
expires
Thu, 01 Jun 2023 15:43:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 696F
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNXyZhi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBLoBT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzfhHQIEKab431Uy7-bTfiDcergYJqrEcTjEHGl_Zuq6RxyjaZrGbgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwNDYyNzU1NTU2NzQ3MzcYAA&sigh=uDrHEwuw57Q&uach_m=[UACH]&cid=CAQSGwBygQiDCOiTOUQK-sjob7XNuu5AA1ake169YxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 May 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 May 2023 15:43:03 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 696F
0
0
Fetch
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RMIImAKdg2ICAgAAABHlpEOplKiLEIUvUWRnF8gKvH10Im1AAAASAAAKCkFRVUJEd0VCRHc&wp=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
174446
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5995
145 KB
47 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
29aab4e8ef36ac96b31bfdc7625207d595e2e0eb03dafe40c8beea0f58faae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Rumj1F1dNOfLt25_fLCD8kDlYqSTgcNZJBFszBgd9Zng2LDISXLvgXSVWwHVcEZG8q5TigdTPHREuDG_modpcO5wYHcLFNMbanZOsNxOKDxYcMQkpq9UOsDbxNPg-mTprKOF0pr90HstPG8Q8u2lGYURHvBxa4TsSHmboP9vsWdQqM3RJ08Hs6DaL_z9zcjA3_5b28OhQecqMnVsOSNJ7eG1ByQasJO7vATmi3Z37XHZlUbsY6cDNX3_HRwR8-G3_YgcTQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
53951600
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 696F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 14:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 14:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 696F
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 696F
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
css
fonts.googleapis.com/ Frame 5BAB
9 KB
1017 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:19:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 15:43:03 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5995
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5995
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5995
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 26 Apr 2024 15:43:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5995
293 B
622 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 26 Apr 2024 15:43:03 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5995
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QUdDzbtN-RQUOohkDdd_K8QTT35r8Dcl05D-iyBXqvmbwXpxLGEPkwjyoWXMmeL5D_bIf08avpV4W5bn-7U_Jao5BG5wk0pPShLeyif6dhI1dHULJl5QJ9yzTxaIArkhBHoZqODU2jsqwqRqALdwo01ycAPcgHcY8BqaDBKLH2STxZakZraAT2JyFoCUCgXN8shOh8-Jq8ZJ_GfrIHCBudek-v9qakfqrT4dy4ScfWpbV8nDWCzgwH3eKQ-kr3WHusgkosVY4oYy6Zjoas3jerx1u6RHvPKTM9xY8l1BBnLqvr6IFm2oOWbhOzmkStKQE52uNb95bLkYcQISOSNP-A9x3OUdxc-rdiTmyv0HGk66I4YJujZuZATn_zC4m3idyvEM_8aMs-VU5gdRjxO4x7jcbJHt2qCuhSL_r88nANbgvPTf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1765596
expires
Mon, 26 Jul 1997 05:00:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB
2 KB
846 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
70438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:09:05 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5BAB
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBuP1hi9RZMCnLoKytwem-bagB8_Pip5v2JmrltYRm8n2tY0OEAEgoZCCLmCV4pCCoAegAcCJ4foCyAEJqQKNWIRKBfW0PqgDAcgDywSqBMkBT9D9PikCrMvzJTB_GcdugqtX6S8OsLvHILycuFPXpFvNxOd-YnV1fGzCe1KIO10r22m4hgewy-4VECmbD2_r7VITznn_nTzRTNjrT9iviRx-g0aPrvkqFbCXHEaG2VInhHSvjyBUAEMvaUByZ5-b4bdXbmFEeiKXS7MR9enf6pmm67hLE5VPN-CKp-6besR_PoFPOiY20nDg3hP_Mtb8J2HAkeaiT-JkDyzmDbz2Aaqv_O0kc4sH05LqqophtUW4bJgJkjai9qTewAS2qMn20AOSBQQIBBgBkgUECAUYBKAGLoAHqPaehQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC9lwPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MDQ2Mjc1NTU1Njc0NzM3GAA&sigh=7dslT087vKs&uach_m=[UACH]&cid=CAQSGwBygQiDnOR-K5xiFSAr2bA0mdOqAN_1G1Aq1xgB&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 May 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/13866511437101175351/ Frame 5BAB
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13866511437101175351/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e64c296ec03016c7f655e77f99d655a71e2e98a4dc3613774c2a92fac79b77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 05:09:06 GMT
x-content-type-options
nosniff
age
556437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36430
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 16:54:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 25 Apr 2024 05:09:06 GMT
truncated
/ Frame 5BAB
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5BAB
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 5BAB
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 15:12:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 14:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 14:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5BAB
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BAB
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
dc885651c24f3a38cf2b2dda4c5c7197.js
www.gstatic.com/mysidia/ Frame 5BAB
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 12:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13586
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 20:09:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 12:11:33 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5995
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
424769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo4ja85Ku2Wwo9IgekVLPjcRtc4gPnKEUMoBiNMPj70pI2vg0OMi8N1%2FiXsHsTKSR5KAfwrufjyagRd2eq6c3W0DytydkcOX2rwEjTJSwfeQurR%2F6qMANUk%2Bsx2AieGRGZnCH%2Fnx255oN%2F5%2BPEEga3Bn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1160adcb45927d-FRA
expires
Sun, 21 Apr 2024 15:43:03 GMT
animejs.js
static.criteo.net/animejs/ Frame 5995
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5995
15 KB
15 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16111367MO_14_F.JPG&v=3&w=800&s=a44HdszreB_KvkOLDPhlKsY4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
108d4173838f9a382cf7d7f380bc034375ad25d28ca4e5ff0e25898c21a29030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
15546
expires
Tue, 02 Apr 2024 13:22:11 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5995
16 KB
16 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16008048OQ_14_F.JPG&v=3&w=800&s=DwoWFA8C2afSilu0mQDv9uP-&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a440695e0a007d2ca741bbae89df69d572544c20f3da597531c42b4a856474d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
16066
expires
Wed, 03 Apr 2024 16:02:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5995
6 KB
6 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17520809DP_14_F.JPG&v=3&w=800&s=i4Cg1fjh6YmiXzn7W6L4pJZ-&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d9d7a127e58c45ac16c95f2635500671e9b93bd932361f0dedeb085354d2d422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
6324
expires
Tue, 23 Apr 2024 11:22:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5995
110 KB
110 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F915%2F230403%2F22a9cb179f624f09a3e1c5bd28aef15b_img_horizontal_1.jpg&v=3&w=1200&s=KQnj1X8gm47ac8JCmZLg3JjE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
86423a6ca95e0453e3411953509af199ad1504fb91cc13b567021e7abeed683c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
112136
expires
Thu, 28 Mar 2024 12:44:43 GMT
all
csm.eu.criteo.net/ Frame 5995
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rumj1F1dNOfLt25_fLCD8kDlYqSTgcNZJBFszBgd9Zng2LDISXLvgXSVWwHVcEZG8q5TigdTPHREuDG_modpcO5wYHcLFNMbanZOsNxOKDxYcMQkpq9UOsDbxNPg-mTprKOF0pr90HstPG8Q8u2lGYURHvBxa4TsSHmboP9vsWdQqM3RJ08Hs6DaL_z9zcjA3_5b28OhQecqMnVsOSNJ7eG1ByQasJO7vATmi3Z37XHZlUbsY6cDNX3_HRwR8-G3_YgcTQ&sds=2&rev=86118&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5995
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5995
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
truncated
/ Frame 696F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ecf36623d7ae48b3b1dda4f4d66966a2f062e2b754fd79d0fa63f8898947837

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 5995
2 KB
803 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 5995
2 KB
803 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
truncated
/ Frame 5BAB
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09df6a6552e9ec0a635e7122ccc7d4c99ae36176c1c84ed34bda715ce29b0695

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5995
12 KB
13 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5995
13 KB
13 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-3230"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 5BAB
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options
nosniff
age
234993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 22:26:30 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/
148 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3064985f885077e29c807522c002a661513396d58bdc3c1d4f21052812326d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51489
x-xss-protection
0
server
cafe
etag
11101195180575534530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame AB32
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=600&slotname=2633685742&adk=3568234344&adf=2458861518&pi=t.ma~as.2633685742&w=300&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=300x600&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1683042182455&bpp=1&bdt=452&idt=274&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=3543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IfZ7UgshdH&p=http%3A//showbizstar.ru&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
502234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=showbizstar.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=showbizstar.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame A00D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 06:47:49 GMT
etag
2378337311435320485
expires
Tue, 16 May 2023 06:47:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame F3A4
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 06:47:49 GMT
etag
2378337311435320485
expires
Tue, 16 May 2023 06:47:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame EBB0
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 06:47:49 GMT
etag
2378337311435320485
expires
Tue, 16 May 2023 06:47:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6099
176 KB
54 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4c6d0852e50ee0a548650e749858af9b0e5154a463f5c0e60839efb931e8dc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1H5LyV1dNOfLt25_1NolGFVGWPqCE2PwhjrY1qu_6qLUP303K3LeOYr4j06IgvAhwEWTvRPZr4cJgvoGngEIu4ufDj76WlecdpQiPTi8_leqD6Zm10GLeWaTt72WILN0S216KAYzAwxunBlfoQbqC3QjzbkyD5EQNW43nKb9ri1GhVcO_aEnFLKLRCoqhRViaUzs6pqpLsUlP9dSm6QQie52lZwX4SK1qWYDdjNUE9YhskOwzJwHoR4FthKObyeSS5JhUw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
67678987
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A00D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 14:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 14:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A00D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A00D
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame F3A4
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 15:12:26 GMT
10687626274755950680
tpc.googlesyndication.com/simgad/ Frame F3A4
145 KB
145 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10687626274755950680
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
846498b01abdb8f4be4e0806ff5144ca647e1ab278c570af13ffc9dafa345068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:31:36 GMT
x-content-type-options
nosniff
age
292287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148440
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 15:39:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 06:31:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 14:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 14:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3A4
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F3A4
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19e108654cdad8d8c68a56b51a36b7412d0f1a5b3062d8f0dcef455e193fa324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 22:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
63058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13029
x-xss-protection
0
server
cafe
etag
10977537620671291280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 22:12:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EEB5
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:03 GMT
expires
Tue, 02 May 2023 15:43:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FF05
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF05
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 14:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 14:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF05
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF05
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLo_FQkAHaOQkZbLv9cT2nvevE5UhwyqT4BA_1szXfucJ9enSgNvkt4P3b_muOfYvn6vqqBzdYS28Ud5JlryGj8LGr8qNaUgDOyc9ixHe3S2Ik8qM
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7146452841508732809&x=1&ct=119
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B8DD
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6099
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6099
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6099
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 26 Apr 2024 15:43:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6099
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 26 Apr 2024 15:43:03 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6099
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cIK5H7tN-RQUOohkDdd_K8QTT34jT94gB_B5zakmVxnHgO1mC792nHdd3QpqGZ3jjWU5198tyDhglB_CDCzTDcw6-kFwj8sMHtn0onoVxt53ldeghNiP0L3LxACYCIuCHebj9SJJPDXUrSolF7rE7KW9BgMDui_2SgPhal6DhL1l_141dnoldgrQZc9qc-ZH-e-oQSOe_VKNPQz_AOIQLkxfZcxFMAqP5pfaUiAkziwmgTtMFzk75PhjnDbrNX3KZmaWd0ZnhvIZZo2_2KUh3wIpvyV5hbrKMdFepgvMN_ouwOmxN3DZY-q1t77CSd-5cfQNelAjnRgkEbMwOdjb8ggWjb20TNQt8nm_2Ky0UqE2aG8tP-MUAgU2MaCliAeA-qU3dW5aNIPSeUkHrdjwl0Dasg8fFCzzgderayNcJpsACppB
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1863085
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6099
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
424769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZ3Jubf4WkuGjGq2Wwuw8%2FailzOedp3IGvTWDoSq87rVlL%2BdM4D48BGeYvMR9z9Bj%2Fi51VQAxO7eA2PlXSAwzW23xXG8LL%2FX%2FyYU5SMlUcNiGzlxfalBAwlBXanUJGwMP3JferGiyM9w8WGfxm1PdhXk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1160b17ed8927d-FRA
expires
Sun, 21 Apr 2024 15:43:03 GMT
animejs.js
static.criteo.net/animejs/ Frame 6099
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
rum
dsum-sec.casalemedia.com/ Frame EEB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 15:43:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EEB5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFEvh.12LSE9NPxVh5auCgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 15:43:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLiF01rhXMiJcb3EplbdRo&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EEB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED-1Iar4g9F9wGMZkDex6EM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 15:43:04 GMT
AN-X-Request-Uuid
36bfda4e-e28a-448a-bd02-a2e97d73db68
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 15:43:04 GMT
AN-X-Request-Uuid
fc6dee67-8afd-48b0-a2b9-667d777a8d6d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED-1Iar4g9F9wGMZkDex6EM%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEB5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXyHglAl3ibpHHlSNv6_nIs6eE1ORlmvg3YfHcCCQbfER95-BOUNH_uivTysxfpoI-oGcElNS_64ymelMusZI97BiawLpuvDXfsHPycfyGx0MMQmzFaCkEVH75FLAaVU_QyjpQ3mmxgzEGu1nKKhS6kbUMrwUTzeO0eWXBbjNFQHM4CUBo
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 May 2023 15:43:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5afcfbba-a081-4718-9ae5-1420233c6610
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0MzA5Mjk2NTgzMTUyNDEyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
all
csm.eu.criteo.net/ Frame 6099
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=1H5LyV1dNOfLt25_1NolGFVGWPqCE2PwhjrY1qu_6qLUP303K3LeOYr4j06IgvAhwEWTvRPZr4cJgvoGngEIu4ufDj76WlecdpQiPTi8_leqD6Zm10GLeWaTt72WILN0S216KAYzAwxunBlfoQbqC3QjzbkyD5EQNW43nKb9ri1GhVcO_aEnFLKLRCoqhRViaUzs6pqpLsUlP9dSm6QQie52lZwX4SK1qWYDdjNUE9YhskOwzJwHoR4FthKObyeSS5JhUw&sds=2&rev=86118&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6099
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6099
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALPEUK7erIAADcP-Z9wJCDX1bmJARyEQ&u=%7CcUQNteQ%2BFsPJGMOu8r3xWqschXUhf91gxSR%2Fcs5bzHE%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakywjYenlSNcek6oZZCdZfoDcjY8GnP4pBllRv5p2m4U889pTFlmwvpJ0ZuHwAdZap1qmw8jzxUmNiVQWwBpn8QgDdIySWhf0fuzGumWH5In-PgvAT1R55FVxMkYkS2R39GCFceY94BQXZgV_kSW8f0wBqdfBrZQPLnyLnRw-Qo5f_4pSdY5d2xjPZdoTl6NF0q2RssMlPLhL7UBut5EGL1fx2mo9EP_YrijzDPckfpCcAGPI-CR5Qc2Tjkv4P_uPJSVuyfzmcgeTafi6XTGo0iURXWMaJdUlEVfIT1tA6mKN7j4Q-iVjoXQM_DpjCrBOKSIcl6Ke6aSIt8_qgYW-gsvtAEfpyt0IBuozv30b-G9i_b4_rPFNkPk8szWY8GRLh-kXtxacpn4Bmjsy9N63_XPR9WIGsQmjLgP2U7eiCkf0XL5ohAApGESTkYDFUhSHnxeSXMUljLAo8bDkH8kgmxk3OBXUueuLXYE-9LZoeDATCtvFUu37HYd0m34PtuLvwFjKP6Ll25mOoMA4DCF3MkP2um3Gs2ttJfaxfjRhI8tcgBtdgd0Xdv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm8e8hi9RZMX4LMjVtwe_uIOQD8me0rFcjfDi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwNDYyNzU1NTU2NzQ3MzfIAQmpArhJv7UzZ7I-qAMBqgS8AU_QmGzyd4PbXmPT7FqqCPvIy2nh46q5ZhW_x5aY4Y0A8l-X8dYQPuVsayxEWLQpvSEKHmPXcz943NNEPElLxuL0wM3clCnXWz2kd_x5wSeYcLPUI8JJ5Mj8WIsV_YLPbnqAQS9_7hK_MliUilahan8vAm3hS9tcI4pJUeuZoPmV6c6XEPWv060EuHUeV8kxGMJJL804gGMUkMnTYNpnCOvSxugVzqXX4gNY5KdhPrBcm1TkbVPRC5wtXqqdgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-KCxNJ-LerkFBzmGqTbI39oPYTQ%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3397626113560&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3397626113560&version=m202301230201&ct=119&x=1&cor=7146452841508733000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FF05
81 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwi0S36x11sqbjta2oA0cC0FGjmNLr7WXcNzog8AwrlLa-9Ogjun3vM0-q8axNEOeRCpNErNQ8X--YPqEjuJ9OJBWQz_s6Aq2ZG_tivqwaSPqch03bZdomBIp1js39niXYJxbs8VxTFigNp9y36iWw54YbGBfBstAXxDp2inIBRty6fQU&cry=1&dbm_d=AKAmf-Agy8--r2_-pex6YSDQmmG6MIxkgnjIFgarkFzIsByZSXcY1tbdH1QiUV4L-qn4_q5UP1LkzOpO2PKhVRwdorFHQttcqBrMlbhHhjO3iN2qRhrdURXUbHso-S2W8In-6TfWDRfiXHKsVR_Ulv3Qs0Xnm03v7XOndbvUfIYR7kPvwq1YxQkHisCuw3XCTQoIkoNJFBU_Q1ALDS-G-mN66m4UWbpMhVLHgQB2weBZs16sf2C7rc9t7UyCya0wHXzrxdx0EWoRVs5-Ir0Gv8Xw1NKiA7nPzheQ1GvislmktN6gtTdrqh_O4I8P99jjeq1KjqHQCFT4H_52wfwZ8JFAnAJKnhVwN-YiNw3KU7xaPB4PEoluCCNUB2WKcE4CtG_Ad_pv-0iRZd02-wsdwjqhm-yJhldy6PcPJJ5lXmrJDCq_iyWaIRd5-GVE6ynJ2vTYFj6oUJWj3dQpqhkhVYncGK7B6Z_2Ul9tjf5Fbo8-ue5Jyo4FLj1KUFw8zDMclkf4c26ZS7NNHdm5sPiHQSaEki09LdzT4IufgK06-QP32cVAGK1ORqcKejMO1t_QVM4adtmEwYJvSCnIIkimp-llTk4A1FNFPgu6adM_woMBC9j0z1meXivNF1E2H6WxW9r6FMYMmNgnkIlJZPkMyeT81OteA7GaP6a8PHIqpIk1CpA_dUwb_cbT0qK7r0bTH5TInJynFWLw1JO-LY8Fg4_YVMRlMaaCt4VlJwQ9nsl06vBmA7f6F_ujGYTPR8NyDgFC3pYIqoKGhPd17nTlnK98kJC_moIl6wljyJOidNuUz2hRevdTWMDzvojTOnlxSHTqSaARdNScAhEW5fCkMRDrEsthgJ5MULOZI70nRnQk-xwcn9657JocgZakTX3VxfEfegVQ4_Q2oJGGsxUTgblwPtg_gtQ5bT_yxwI1j01b80cAJHkcPURsAzjfnObCVmbg70nZYplyZzNI8htJroyTgpTFSyMW1s6tt1UVRr4ojbHR4Kh7PPCuxTVkInnfnzJNhfJdGweQhBxF7Jc_XUHTAN4r4Re8L3sSxI8S3U7XdnTp2ozxJdg1z-lj0OKdx_PH195E3l_BrveGUDjMOwsvKSewV_D0ZgS8X6NrVcmIOhJdoHYO2z8IZKBtAX3Rp6OZ3lc7qSrmxORvN3E4NmsHxgQcUCRqGwc4PpaXEGPBLu0vSn5EAAC6qKqa4FVcn5DgdmEjJiBfWDQK9y4ZZAjMAPkW48SX-FGVtsShLox2k2TeXCmXVseH1WOWNRgolY9qv6r3X2Arz1hjXFPpivPmfWz7AojWSb2ew8ZQeUs3Lc7U1EjXhafKpItUYRT-R2EYWg1Vm2WsQ12C7NAjygNbongnVEPjw8Ns6gt5QMdRA5GViMe5k8mb5NdrCCS4Mq2HzXCTTxyC_K_ugZMEbyS09ggaHd5C3Ccaz3rXqo69TCmYZuqiuX3KG0JQ_vI61nT3urZsxk1QiwaJaeNdBBbwXBmT0PMqi_5hDtNWnEczC36YGKHCirOJ4qeZ3lzGaMS1TBncjVqjaQ1ow-Y5_vbpUmB0aXPMXzqL5plW6qMyDvffg6PdyKhkzioMkVDaAeqtqN-_LAQxM5u69-N73d_NGFzB7m3W33HzU7dffrYnZ_ndKRPEqR-pLzUlrq1GscZ79-TiIHovbNY8rLviQBwKz_iez2b5MJ_za1vlryx3J8kW6BVlO7YZz31L2Pwndvy2LPAWeMTrEU_QbQIgbvZqsSIe9f58aYl_iD8Ey_IW-wBPQW3fr2RgVoJXnrHe-MoehB4oOMgLObHX-Jopvp1NLTjzs5wi-lKUZOZjZPiFJmwD_WO1z_amtvBbzyENckw4fN35GZcZd1m4BXxYgiWQV3rd1nv-5AYC8pk7m-tKMkBZc0iaDbU2VHQTc1A84CqKMMh4R9ZKXyJ3NSZpidE-n5Umu_mWQrqLsbwWu6QeUJUgqsiwuqlj2Jvdt18DyNG4GqKHTQCeazavNkDBOmx7XZO0OW_q3fMd0qNDoM2RpcDvCWBLF64mX-r2v96ye_GLx2HDgN_saQsuAsFPsmuALuFhQNu-e8AklFmBc8fsneE3Xkx7lQCPVvLNHL-GHZmxZEvU06iemg8z2cGyYnwYCanVe0UpwvAgvneqithDUzq7ZAcGlwj1o_TGt7-PXNlfGmSu5_hbsYq8zQx-3cdi_UC0n-Kd-6nRk6Y5zg1p_1E974by_2QHIJCRZk3UNXXZELKCWXzZ26RrCpLoA_fQycD71XRAjWN-QzaWJpCUaqUCf2Iyerc0k0KO9jCIUrWdLeBvYOWqqz5dZJDlNvEVCLuBmLgx0Y5npxiqCJXdzVpE6Fq04kSkjmjeeOqHimLz4lPs5jg8n8zPH9ft0AYchn4kCC11BczwNwlsoJUqfIHfOqqTQWH1gsch_oopX3QreeovuDWaz7WTqkWT529DE6xtSHddz4zwaNQJte7h6VEas5PjI8Sp4-D9_lnLuawEdB56SaibG8yd9MAQ_TgIcPIe16oIuh8GTaYRsK0ZOZ5lAWJuyCzBcPoZJsZwnrsVUHUjlPxEeO8X0hoajcBUsAP3m3LyTWS3N188v1p0ju_eNLVO_HLU5SmKxr348-D6lSWDv0UPfbOb3shUursdxlM_fnQ-mCkSF7o9kbPmKc_9iVmdzS60ZeA_-RH8s4uBZMSel74trnfhevQm3qChJSgrEOVvkyruSGmSE7-2PGEcvGp0I-gefw2K0xsXCSy8-78aYnhXIfA6-Mb1laS-HyoRTuSaUPUHnCQI7RY6VAi4ZuJ8dQr6TBcbY1Ynv-a4FvQammVENK3mYjoLmyQuywGnpay1lfBpE3nsynQ_qNa7opPPsWEwNTkRQduI9t0qM8h8xODXIvG7nDEFCtu7GR56mH-JQEdBkIlK_pKqKdkHzh43xDCAjQUCO1CrWGe3h1XNyCE0wORyF1KlHPbuqK5zNSxFriDkVv8AEeEFxvT5roL1z_HuU5rZ3HtY-ROGnvwHByeK-tKhLxrWqAuYslGeAf3gnm4grRm2vP8AL3RmBWW0A9uWwT3TYutOk75Zh8YDb5e8oPkDdpyZcsYDBUpUFmd-E1tgLhtH2Ac0-xhY-0FHPia8-Ee4_Kwd1EmmsA4gtcaZbMaCkJoZCWoS-GyeqQLmd6HiqRHi5g_vlcO2A0j9AU2AbHn_LBf6JgST3GUlvsnzSYmjVi2RI7fxoziU4Htg-zCsn2cd_pHS_SIYPokhpDUu798ndof2npVTJv7uABOkcrL6mlnj8OqfcBt8ByOH_QPc2VNf6twYxNxw-5OvhuD7P-1RrZjJ1RxoDVCj8Qx0nzObLBNRi5gRjBvF80PtGw&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fshowbizstar.ru%2F&ds=l&xdt=1&iif=1&cor=7146452841508733000&adk=521587874&idt=99&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d627d5f88f86813c582ecb5622da7243ab3327ebf83db188fd5211643ca5e6a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34990
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B8DD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:04 GMT
expires
Tue, 02 May 2023 15:43:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:04 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 6099
2 KB
803 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:04 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 6099
2 KB
803 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:04 GMT
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 6099
12 KB
13 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Apr 2024 15:43:04 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FF05
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame FF05
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwi0S36x11sqbjta2oA0cC0FGjmNLr7WXcNzog8AwrlLa-9Ogjun3vM0-q8axNEOeRCpNErNQ8X--YPqEjuJ9OJBWQz_s6Aq2ZG_tivqwaSPqch03bZdomBIp1js39niXYJxbs8VxTFigNp9y36iWw54YbGBfBstAXxDp2inIBRty6fQU&cry=1&dbm_d=AKAmf-Agy8--r2_-pex6YSDQmmG6MIxkgnjIFgarkFzIsByZSXcY1tbdH1QiUV4L-qn4_q5UP1LkzOpO2PKhVRwdorFHQttcqBrMlbhHhjO3iN2qRhrdURXUbHso-S2W8In-6TfWDRfiXHKsVR_Ulv3Qs0Xnm03v7XOndbvUfIYR7kPvwq1YxQkHisCuw3XCTQoIkoNJFBU_Q1ALDS-G-mN66m4UWbpMhVLHgQB2weBZs16sf2C7rc9t7UyCya0wHXzrxdx0EWoRVs5-Ir0Gv8Xw1NKiA7nPzheQ1GvislmktN6gtTdrqh_O4I8P99jjeq1KjqHQCFT4H_52wfwZ8JFAnAJKnhVwN-YiNw3KU7xaPB4PEoluCCNUB2WKcE4CtG_Ad_pv-0iRZd02-wsdwjqhm-yJhldy6PcPJJ5lXmrJDCq_iyWaIRd5-GVE6ynJ2vTYFj6oUJWj3dQpqhkhVYncGK7B6Z_2Ul9tjf5Fbo8-ue5Jyo4FLj1KUFw8zDMclkf4c26ZS7NNHdm5sPiHQSaEki09LdzT4IufgK06-QP32cVAGK1ORqcKejMO1t_QVM4adtmEwYJvSCnIIkimp-llTk4A1FNFPgu6adM_woMBC9j0z1meXivNF1E2H6WxW9r6FMYMmNgnkIlJZPkMyeT81OteA7GaP6a8PHIqpIk1CpA_dUwb_cbT0qK7r0bTH5TInJynFWLw1JO-LY8Fg4_YVMRlMaaCt4VlJwQ9nsl06vBmA7f6F_ujGYTPR8NyDgFC3pYIqoKGhPd17nTlnK98kJC_moIl6wljyJOidNuUz2hRevdTWMDzvojTOnlxSHTqSaARdNScAhEW5fCkMRDrEsthgJ5MULOZI70nRnQk-xwcn9657JocgZakTX3VxfEfegVQ4_Q2oJGGsxUTgblwPtg_gtQ5bT_yxwI1j01b80cAJHkcPURsAzjfnObCVmbg70nZYplyZzNI8htJroyTgpTFSyMW1s6tt1UVRr4ojbHR4Kh7PPCuxTVkInnfnzJNhfJdGweQhBxF7Jc_XUHTAN4r4Re8L3sSxI8S3U7XdnTp2ozxJdg1z-lj0OKdx_PH195E3l_BrveGUDjMOwsvKSewV_D0ZgS8X6NrVcmIOhJdoHYO2z8IZKBtAX3Rp6OZ3lc7qSrmxORvN3E4NmsHxgQcUCRqGwc4PpaXEGPBLu0vSn5EAAC6qKqa4FVcn5DgdmEjJiBfWDQK9y4ZZAjMAPkW48SX-FGVtsShLox2k2TeXCmXVseH1WOWNRgolY9qv6r3X2Arz1hjXFPpivPmfWz7AojWSb2ew8ZQeUs3Lc7U1EjXhafKpItUYRT-R2EYWg1Vm2WsQ12C7NAjygNbongnVEPjw8Ns6gt5QMdRA5GViMe5k8mb5NdrCCS4Mq2HzXCTTxyC_K_ugZMEbyS09ggaHd5C3Ccaz3rXqo69TCmYZuqiuX3KG0JQ_vI61nT3urZsxk1QiwaJaeNdBBbwXBmT0PMqi_5hDtNWnEczC36YGKHCirOJ4qeZ3lzGaMS1TBncjVqjaQ1ow-Y5_vbpUmB0aXPMXzqL5plW6qMyDvffg6PdyKhkzioMkVDaAeqtqN-_LAQxM5u69-N73d_NGFzB7m3W33HzU7dffrYnZ_ndKRPEqR-pLzUlrq1GscZ79-TiIHovbNY8rLviQBwKz_iez2b5MJ_za1vlryx3J8kW6BVlO7YZz31L2Pwndvy2LPAWeMTrEU_QbQIgbvZqsSIe9f58aYl_iD8Ey_IW-wBPQW3fr2RgVoJXnrHe-MoehB4oOMgLObHX-Jopvp1NLTjzs5wi-lKUZOZjZPiFJmwD_WO1z_amtvBbzyENckw4fN35GZcZd1m4BXxYgiWQV3rd1nv-5AYC8pk7m-tKMkBZc0iaDbU2VHQTc1A84CqKMMh4R9ZKXyJ3NSZpidE-n5Umu_mWQrqLsbwWu6QeUJUgqsiwuqlj2Jvdt18DyNG4GqKHTQCeazavNkDBOmx7XZO0OW_q3fMd0qNDoM2RpcDvCWBLF64mX-r2v96ye_GLx2HDgN_saQsuAsFPsmuALuFhQNu-e8AklFmBc8fsneE3Xkx7lQCPVvLNHL-GHZmxZEvU06iemg8z2cGyYnwYCanVe0UpwvAgvneqithDUzq7ZAcGlwj1o_TGt7-PXNlfGmSu5_hbsYq8zQx-3cdi_UC0n-Kd-6nRk6Y5zg1p_1E974by_2QHIJCRZk3UNXXZELKCWXzZ26RrCpLoA_fQycD71XRAjWN-QzaWJpCUaqUCf2Iyerc0k0KO9jCIUrWdLeBvYOWqqz5dZJDlNvEVCLuBmLgx0Y5npxiqCJXdzVpE6Fq04kSkjmjeeOqHimLz4lPs5jg8n8zPH9ft0AYchn4kCC11BczwNwlsoJUqfIHfOqqTQWH1gsch_oopX3QreeovuDWaz7WTqkWT529DE6xtSHddz4zwaNQJte7h6VEas5PjI8Sp4-D9_lnLuawEdB56SaibG8yd9MAQ_TgIcPIe16oIuh8GTaYRsK0ZOZ5lAWJuyCzBcPoZJsZwnrsVUHUjlPxEeO8X0hoajcBUsAP3m3LyTWS3N188v1p0ju_eNLVO_HLU5SmKxr348-D6lSWDv0UPfbOb3shUursdxlM_fnQ-mCkSF7o9kbPmKc_9iVmdzS60ZeA_-RH8s4uBZMSel74trnfhevQm3qChJSgrEOVvkyruSGmSE7-2PGEcvGp0I-gefw2K0xsXCSy8-78aYnhXIfA6-Mb1laS-HyoRTuSaUPUHnCQI7RY6VAi4ZuJ8dQr6TBcbY1Ynv-a4FvQammVENK3mYjoLmyQuywGnpay1lfBpE3nsynQ_qNa7opPPsWEwNTkRQduI9t0qM8h8xODXIvG7nDEFCtu7GR56mH-JQEdBkIlK_pKqKdkHzh43xDCAjQUCO1CrWGe3h1XNyCE0wORyF1KlHPbuqK5zNSxFriDkVv8AEeEFxvT5roL1z_HuU5rZ3HtY-ROGnvwHByeK-tKhLxrWqAuYslGeAf3gnm4grRm2vP8AL3RmBWW0A9uWwT3TYutOk75Zh8YDb5e8oPkDdpyZcsYDBUpUFmd-E1tgLhtH2Ac0-xhY-0FHPia8-Ee4_Kwd1EmmsA4gtcaZbMaCkJoZCWoS-GyeqQLmd6HiqRHi5g_vlcO2A0j9AU2AbHn_LBf6JgST3GUlvsnzSYmjVi2RI7fxoziU4Htg-zCsn2cd_pHS_SIYPokhpDUu798ndof2npVTJv7uABOkcrL6mlnj8OqfcBt8ByOH_QPc2VNf6twYxNxw-5OvhuD7P-1RrZjJ1RxoDVCj8Qx0nzObLBNRi5gRjBvF80PtGw&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fshowbizstar.ru%2F&ds=l&xdt=1&iif=1&cor=7146452841508733000&adk=521587874&idt=99&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame FF05
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwi0S36x11sqbjta2oA0cC0FGjmNLr7WXcNzog8AwrlLa-9Ogjun3vM0-q8axNEOeRCpNErNQ8X--YPqEjuJ9OJBWQz_s6Aq2ZG_tivqwaSPqch03bZdomBIp1js39niXYJxbs8VxTFigNp9y36iWw54YbGBfBstAXxDp2inIBRty6fQU&cry=1&dbm_d=AKAmf-Agy8--r2_-pex6YSDQmmG6MIxkgnjIFgarkFzIsByZSXcY1tbdH1QiUV4L-qn4_q5UP1LkzOpO2PKhVRwdorFHQttcqBrMlbhHhjO3iN2qRhrdURXUbHso-S2W8In-6TfWDRfiXHKsVR_Ulv3Qs0Xnm03v7XOndbvUfIYR7kPvwq1YxQkHisCuw3XCTQoIkoNJFBU_Q1ALDS-G-mN66m4UWbpMhVLHgQB2weBZs16sf2C7rc9t7UyCya0wHXzrxdx0EWoRVs5-Ir0Gv8Xw1NKiA7nPzheQ1GvislmktN6gtTdrqh_O4I8P99jjeq1KjqHQCFT4H_52wfwZ8JFAnAJKnhVwN-YiNw3KU7xaPB4PEoluCCNUB2WKcE4CtG_Ad_pv-0iRZd02-wsdwjqhm-yJhldy6PcPJJ5lXmrJDCq_iyWaIRd5-GVE6ynJ2vTYFj6oUJWj3dQpqhkhVYncGK7B6Z_2Ul9tjf5Fbo8-ue5Jyo4FLj1KUFw8zDMclkf4c26ZS7NNHdm5sPiHQSaEki09LdzT4IufgK06-QP32cVAGK1ORqcKejMO1t_QVM4adtmEwYJvSCnIIkimp-llTk4A1FNFPgu6adM_woMBC9j0z1meXivNF1E2H6WxW9r6FMYMmNgnkIlJZPkMyeT81OteA7GaP6a8PHIqpIk1CpA_dUwb_cbT0qK7r0bTH5TInJynFWLw1JO-LY8Fg4_YVMRlMaaCt4VlJwQ9nsl06vBmA7f6F_ujGYTPR8NyDgFC3pYIqoKGhPd17nTlnK98kJC_moIl6wljyJOidNuUz2hRevdTWMDzvojTOnlxSHTqSaARdNScAhEW5fCkMRDrEsthgJ5MULOZI70nRnQk-xwcn9657JocgZakTX3VxfEfegVQ4_Q2oJGGsxUTgblwPtg_gtQ5bT_yxwI1j01b80cAJHkcPURsAzjfnObCVmbg70nZYplyZzNI8htJroyTgpTFSyMW1s6tt1UVRr4ojbHR4Kh7PPCuxTVkInnfnzJNhfJdGweQhBxF7Jc_XUHTAN4r4Re8L3sSxI8S3U7XdnTp2ozxJdg1z-lj0OKdx_PH195E3l_BrveGUDjMOwsvKSewV_D0ZgS8X6NrVcmIOhJdoHYO2z8IZKBtAX3Rp6OZ3lc7qSrmxORvN3E4NmsHxgQcUCRqGwc4PpaXEGPBLu0vSn5EAAC6qKqa4FVcn5DgdmEjJiBfWDQK9y4ZZAjMAPkW48SX-FGVtsShLox2k2TeXCmXVseH1WOWNRgolY9qv6r3X2Arz1hjXFPpivPmfWz7AojWSb2ew8ZQeUs3Lc7U1EjXhafKpItUYRT-R2EYWg1Vm2WsQ12C7NAjygNbongnVEPjw8Ns6gt5QMdRA5GViMe5k8mb5NdrCCS4Mq2HzXCTTxyC_K_ugZMEbyS09ggaHd5C3Ccaz3rXqo69TCmYZuqiuX3KG0JQ_vI61nT3urZsxk1QiwaJaeNdBBbwXBmT0PMqi_5hDtNWnEczC36YGKHCirOJ4qeZ3lzGaMS1TBncjVqjaQ1ow-Y5_vbpUmB0aXPMXzqL5plW6qMyDvffg6PdyKhkzioMkVDaAeqtqN-_LAQxM5u69-N73d_NGFzB7m3W33HzU7dffrYnZ_ndKRPEqR-pLzUlrq1GscZ79-TiIHovbNY8rLviQBwKz_iez2b5MJ_za1vlryx3J8kW6BVlO7YZz31L2Pwndvy2LPAWeMTrEU_QbQIgbvZqsSIe9f58aYl_iD8Ey_IW-wBPQW3fr2RgVoJXnrHe-MoehB4oOMgLObHX-Jopvp1NLTjzs5wi-lKUZOZjZPiFJmwD_WO1z_amtvBbzyENckw4fN35GZcZd1m4BXxYgiWQV3rd1nv-5AYC8pk7m-tKMkBZc0iaDbU2VHQTc1A84CqKMMh4R9ZKXyJ3NSZpidE-n5Umu_mWQrqLsbwWu6QeUJUgqsiwuqlj2Jvdt18DyNG4GqKHTQCeazavNkDBOmx7XZO0OW_q3fMd0qNDoM2RpcDvCWBLF64mX-r2v96ye_GLx2HDgN_saQsuAsFPsmuALuFhQNu-e8AklFmBc8fsneE3Xkx7lQCPVvLNHL-GHZmxZEvU06iemg8z2cGyYnwYCanVe0UpwvAgvneqithDUzq7ZAcGlwj1o_TGt7-PXNlfGmSu5_hbsYq8zQx-3cdi_UC0n-Kd-6nRk6Y5zg1p_1E974by_2QHIJCRZk3UNXXZELKCWXzZ26RrCpLoA_fQycD71XRAjWN-QzaWJpCUaqUCf2Iyerc0k0KO9jCIUrWdLeBvYOWqqz5dZJDlNvEVCLuBmLgx0Y5npxiqCJXdzVpE6Fq04kSkjmjeeOqHimLz4lPs5jg8n8zPH9ft0AYchn4kCC11BczwNwlsoJUqfIHfOqqTQWH1gsch_oopX3QreeovuDWaz7WTqkWT529DE6xtSHddz4zwaNQJte7h6VEas5PjI8Sp4-D9_lnLuawEdB56SaibG8yd9MAQ_TgIcPIe16oIuh8GTaYRsK0ZOZ5lAWJuyCzBcPoZJsZwnrsVUHUjlPxEeO8X0hoajcBUsAP3m3LyTWS3N188v1p0ju_eNLVO_HLU5SmKxr348-D6lSWDv0UPfbOb3shUursdxlM_fnQ-mCkSF7o9kbPmKc_9iVmdzS60ZeA_-RH8s4uBZMSel74trnfhevQm3qChJSgrEOVvkyruSGmSE7-2PGEcvGp0I-gefw2K0xsXCSy8-78aYnhXIfA6-Mb1laS-HyoRTuSaUPUHnCQI7RY6VAi4ZuJ8dQr6TBcbY1Ynv-a4FvQammVENK3mYjoLmyQuywGnpay1lfBpE3nsynQ_qNa7opPPsWEwNTkRQduI9t0qM8h8xODXIvG7nDEFCtu7GR56mH-JQEdBkIlK_pKqKdkHzh43xDCAjQUCO1CrWGe3h1XNyCE0wORyF1KlHPbuqK5zNSxFriDkVv8AEeEFxvT5roL1z_HuU5rZ3HtY-ROGnvwHByeK-tKhLxrWqAuYslGeAf3gnm4grRm2vP8AL3RmBWW0A9uWwT3TYutOk75Zh8YDb5e8oPkDdpyZcsYDBUpUFmd-E1tgLhtH2Ac0-xhY-0FHPia8-Ee4_Kwd1EmmsA4gtcaZbMaCkJoZCWoS-GyeqQLmd6HiqRHi5g_vlcO2A0j9AU2AbHn_LBf6JgST3GUlvsnzSYmjVi2RI7fxoziU4Htg-zCsn2cd_pHS_SIYPokhpDUu798ndof2npVTJv7uABOkcrL6mlnj8OqfcBt8ByOH_QPc2VNf6twYxNxw-5OvhuD7P-1RrZjJ1RxoDVCj8Qx0nzObLBNRi5gRjBvF80PtGw&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fshowbizstar.ru%2F&ds=l&xdt=1&iif=1&cor=7146452841508733000&adk=521587874&idt=99&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
22956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 May 2023 09:20:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FF05
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
truncated
/ Frame FF05
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67269c188734c4a76b48b8b1d99901bfd340ae4af7293c6516cad1ac2bc62362

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3B19
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1516
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F3A4
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569b25e02dcd9275b6dd46bfd1833287f2670730f770153e114dd94bfc6dfbe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 878F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
502235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F3A4
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRUXFhi9RZMb4LMjVtwe_uIOQD52T65xw_cWQ6p4R6aDC098VEAEgoZCCLmCV4pCCoAegAfKj-t4DyAEDqQK4Sb-1M2eyPqgDAcgDyQSqBMQBT9BjExDPIYvabHVNMXEVYdyXHlvzrXttuHwT0jp6j_oDh8rapn4prSB7UhZIAmthQpejAKvFqa0Ti_pnlqEeXmR7jq5uGvWx0ieCM2B8W2Sb62GO2P4vFCzOK_rN0RUik3D6VZyEAe3MV3pwcH-JnrEM1fjwGwITVhU0OEMkpUb54M9aGbPjL2l4i1zwhvk3rujWDvnTsjE5ArCinn55oPAfwwBEUnSeoIfYK9jTWZyFtHA2n2MbIO8-SzQCiSVN6qJC2cAEr7S3yKQEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB-KZqx2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDXwQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MDQ2Mjc1NTU1Njc0NzM3GAA&sigh=3cy5q3oxFfE&uach_m=[UACH]&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&vis=1
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 3B19
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
502235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
aulus-728x90-DE.html
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 8BAD
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
234195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2378
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 22:39:49 GMT
expires
Sun, 28 Apr 2024 22:39:49 GMT
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FF05
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssx-5BfsSJJyPEPswM90wiKvEi6_EuILB_qI8RtOF6RuzkpbEHuErsYKUVd_RY05hMeNUoClOtkxtjr2m_A7EG_5jw5o4aP87DRgP8q1YDAl4ZCmURlA53L0lAF3MjMWxq4WfK2knnQpTpvRAYCT9rTu9ZedfYLBLMFMf7qxyQxjnzmXmSM2cSpDeKv-c1cTjxEmahwzf7OjqRehUg_LDUkPCvo5OHMO39kkTF_gUgQqbMSLIySJfl7-mLijkTgqoESi6ttUMkCg5--taPCa3hnwRdSb174PiOCzOuLEhBWKUKTFmqd1MhkpPbWlp8kvEuDy031P52D9WSoK3jSmCkKnXJOEL4rDPDeQifSCOb5gvF3hVlGi9WyhMUwBZ9oRyfC8dAWRIXYQu7HWyUrLuJwoOaxIHWBqnbhFJd7DnIx00GptbXzhnh56nXyTaQIjSecAzQz4kAO-wKALAkB88EKlrXeWiyki14eAkyAJ5KR0q1uvUdnp6tFCFer6-KjKCgQGpBdXL_s9R7OoXCF4AxQS82SggixtuFi_MJvGSx_sJadoE7Fdl1Ha4QOkU-P_wzG1TOH3KlIK9AGEphu7rA5AmZAk9ZPqbIzF9i3uLIpoiTauvVXolZwdaLiR7O1ezYZj7rdfSlQHI3RmlbXLl58dNw0m8oNKnO7sNcWbHOuT7zaem6ep7PKo7NCZ9O64J_YQ8tTgA33SGUXGFjxBnscZ3K6xUaiVAkm_KEvQBvr9NGsQgSrflfAYTRAqxO-c_r_0ApwKKwGhdXDAlzwTC0z5Dqitrw_DSSRziiz1ixkS-9XS3-6byQ6InayNPR4vTje3fWKBbWxEgyJy10O7CTrf5BdN3_z-47ZDrV6czKdL7MAGRJW2EoCsvPVMyw_yuN7uM_xcwi501kb614sXvl0Qa-ZQhFPItOIFTRqXm09XyNVUQ5ldsDq2momvmvCiMkDqYkBCaMeLbWKgv94wu_IDaIhJJTQzL9fTbqUIbJG_75hAbfAKadIT-Y5OqHMe4yBlf_CBS9QhlPgPr8qiwfdninUa6FTGyQCkoXBv9MoER6K5PXTorwvW14WpcQCNommpGcnNersI49atUlRKTPO9L3fHyWMjG7Iek5BuDgXf9OWr5zUCCS_7bbQT9Im4mMA81Rn_H_KynifsBhrzhH-JF2EwaPLUgZivps&sai=AMfl-YSufXheqaDiQ-A0VpiTMNI4Exs0cl2k2lxWkqvqzVBeZsn3tiSFR0C70S9CAUa89aAIHxl6GSmAAj40fsT6gwnYwczpBR4vIyVjApvhRMG5HIfcc2kni62oUwdPKOTWDVtTdVj1YbTa-IXS1M7xHPJzBs1yHZozKCLhSzCIP-VImoCGx6g&sig=Cg0ArKJSzBCsSjUkxfQuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=174&cisv=r20230426.73527&arae=0&ftch=1&adurl=
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 02 May 2023 15:43:04 GMT
all
csm.eu.criteo.net/ Frame 5995
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rumj1F1dNOfLt25_fLCD8kDlYqSTgcNZJBFszBgd9Zng2LDISXLvgXSVWwHVcEZG8q5TigdTPHREuDG_modpcO5wYHcLFNMbanZOsNxOKDxYcMQkpq9UOsDbxNPg-mTprKOF0pr90HstPG8Q8u2lGYURHvBxa4TsSHmboP9vsWdQqM3RJ08Hs6DaL_z9zcjA3_5b28OhQecqMnVsOSNJ7eG1ByQasJO7vATmi3Z37XHZlUbsY6cDNX3_HRwR8-G3_YgcTQ&sds=2&rev=86118&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZFEvhgALU3kK7ZaGAA1C8J1sDX67kuyCYlOt6Q&u=%7CcUQNteQ%2BFsPR3eLSQqMwTkSqlG%2BWzMPMMzcsNIWE4zs%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVI_Npph_ZNnhbOLEbwPSW-4xKkJuuhPiTYEg4EGTSn7cl0ckksiVKBJ62_coml-HSzG7Uq0bBCT9N56OChMUcdGWUe5RAJPldtXNow-DGp6_Suk0YnJjubu5SxrI0htH_-AS0SbYgKcfE25GbQiYKfcNbQnI9m1GRFDCRs5HywPfOyXVOWH_ngswRmyhEAK_ZBxX9nDpf70qOoJHHSVBfv1Amu9Mx861o0leLSwgW3-P7C6zUkjrdzqJVRbOTDOJfiM7USCfsULS1BzP6XJyABy1AugIWAp8CToeSM5nz2Z1SUiqJFZy7yK5CIKB4b_Rhi1LB2bFViat6UQbboOruKJ7zGm0YpX9pEGkRlG7_qaqDTw76t2CREtedZJhXXYmNndt-blwdPtWIlGp85nFscpmUissbLf_moR4eGIV-bzrE81XGsQBAQysUdIwgzfPvPUGrrARbMKHtrWko71pvTJj-JUCKRLguGKC6uorHZ7haa2YeZ299V06O6ObAj0EbiieVlFAnW6_WI2WrOxR9CGUYy557HyXj0O4kZKMF-upQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeaAChi9RZPmmLYattgfwhbXIAcme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODA0NjI3NTU1NTY3NDczN8gBCakCuEm_tTNnsj6oAwGqBL0BT9CnFK4lpXXEAJG-PBoD3RlHE79jkKBzpduKMXwYIK6nTuO1gcR725__qa6wvuZqUHwtAZhOoMZhqX5Pmo_XkxdwC1XanowzjXr_Boez3o5cA13wJ3UEyRqKY09DKWUEbYsm0U6bBAqS1VCCnnduwofw0r9UmWqWjav_YG0YooTgrH1aJ5HoG9fI5nQXybHFDlNAzbpFYRON5iIkatCvWmTiLs8Xugy_oJ8EzIXPJ_krBbC9361w4qIk7A-AgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fWb83hculzH81oohMekwgcs1dCw%26client%3Dca-pub-8046275555674737%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 15:43:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8BAD
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 May 2023 15:43:04 GMT
aulus-728x90-DE.js
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 8BAD
142 KB
14 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 16:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14409
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Apr 2024 16:41:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 696F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYM3qRP2-_Zs8E2h1D0JGKf4TPv-QQMPaL-5MtF3AhNh2-x16FBH91PIeP2UJz45JjdNJ-OKsfE0z3WAIFZmHHwSY&sig=Cg0ArKJSzKlLsgUMXkXkEAE&id=lidar2&mcvt=1015&p=0,0,280,1090&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3079527149&rs=2&la=1&cr=0&vs=4&r=v&rst=1683042182716&rpt=665&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B19
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIcqPiC9RZNsTxPPfA_Dcm-gNAAAAADgB4AQC&bg=!eHuley_NAAb9Sbh13Uk7ADkAdvg8Wutpk2GYqBqQVh87F_ErLNj2ktn50izH4rZj6HcGEtAtr5OFUuRnGHrfG-2yDXRghyZSRTYCAAAAcFIAAAAJaAEHmQM396aOJ2jOr3xxqJdGOiW7BKgKAQ2hAfvghbyo93cBWYuksGAz0uhDQHgtMt7Ns9VC7HpdtNEzXxkUKTqlHVgRTpVMtom4TcP59-DG0mTKtNVIec7g5UB7zPAJFuc0AeOt1JwwOKMjdzmr41W2pXuG8O2SRuMru5rNE_lyf-kUC4XLAFei2qYJkpeA4XAK2gwLKA6tb02MWykxGR99rQqUa_BfPOYyVlTk98DJqYk64AaSpar659OHkXjrtK7NSDC2xFSv_XeRu5gKs3tmNvWFixusSIwFQJY-4J87T1acCsvU6delMwjkyywItnc0JhFboVGIMk_3I6d6lc2BU2r7hGvZjwLiyUQQiIUbX3i2QH2JanMnO7E5FEr7tBE5jggKzy0rbYOfMaLSENhlahvPI4HJd5fgNthhaXpgIx6P3TqMVJT8QEA8qO_xnofIHhhb9uzKF7eKM9CO8VWkh4YNi6qiNOd9F3gMpjgfZP4kYTSYRIGxXzIG46DiluTF3I1NjiYM_3quOQ3UDXgzNu4-2mMf8C3x9BCN4W2zalteKWTtk3kYDZ1QCH9sLz2MlC7iZb1EDssqTAjf3WR-LqDxHaVumq8UPdnpb7YYmGR5sKsOeJy2lAPOHof6mUy84u9IYl-qOUN3jpIkPzmOtAzjq_LgjmCPmueq89HKPJz51XFO9MEh_gljGngOlpW6_V-WI0wTp4IHBVGojHktGDtqPh3ml4ojXizGGK-xx9CmmXk9O2qvG5EmzLwycVteUgWesdnIkvqmc4zyeRh69b-7y2c6CA-CC3t6a8iv9ZYeKouL7VR88oSnFNJkhfsvNgSb0-rvWcVMs6Eo5OLZBwADXXGWUzm9k2un8SJPV1SGNd7kySXWkd8zAeeL1H9Gf3NHUsuBRJ4FcpJLKMqo3SIkbqx0MnaO5CCxXjrW5ueX4ybPHLQeHLfGZJCOB8b2JQgvkf3mPRZFtykyndCKPCOSLZqIKEQ1n0t-x6U0Q2LyodrscFWDlpocbk3zQjdO8Z8i7QtdeBh1f8oJo3RMP4fcIKTME-73MaMfIEorgKx2549yLQb4N22h1I8zk67vpauYBivvHjkbXw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aulus_728x90_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/11207411921136063200/images/ Frame 8BAD
2 MB
2 MB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/images/aulus_728x90_DE_atlas_1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:31:26 GMT
x-content-type-options
nosniff
age
234698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2173118
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 22:31:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FF05
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssx-5BfsSJJyPEPswM90wiKvEi6_EuILB_qI8RtOF6RuzkpbEHuErsYKUVd_RY05hMeNUoClOtkxtjr2m_A7EG_5jw5o4aP87DRgP8q1YDAl4ZCmURlA53L0lAF3MjMWxq4WfK2knnQpTpvRAYCT9rTu9ZedfYLBLMFMf7qxyQxjnzmXmSM2cSpDeKv-c1cTjxEmahwzf7OjqRehUg_LDUkPCvo5OHMO39kkTF_gUgQqbMSLIySJfl7-mLijkTgqoESi6ttUMkCg5--taPCa3hnwRdSb174PiOCzOuLEhBWKUKTFmqd1MhkpPbWlp8kvEuDy031P52D9WSoK3jSmCkKnXJOEL4rDPDeQifSCOb5gvF3hVlGi9WyhMUwBZ9oRyfC8dAWRIXYQu7HWyUrLuJwoOaxIHWBqnbhFJd7DnIx00GptbXzhnh56nXyTaQIjSecAzQz4kAO-wKALAkB88EKlrXeWiyki14eAkyAJ5KR0q1uvUdnp6tFCFer6-KjKCgQGpBdXL_s9R7OoXCF4AxQS82SggixtuFi_MJvGSx_sJadoE7Fdl1Ha4QOkU-P_wzG1TOH3KlIK9AGEphu7rA5AmZAk9ZPqbIzF9i3uLIpoiTauvVXolZwdaLiR7O1ezYZj7rdfSlQHI3RmlbXLl58dNw0m8oNKnO7sNcWbHOuT7zaem6ep7PKo7NCZ9O64J_YQ8tTgA33SGUXGFjxBnscZ3K6xUaiVAkm_KEvQBvr9NGsQgSrflfAYTRAqxO-c_r_0ApwKKwGhdXDAlzwTC0z5Dqitrw_DSSRziiz1ixkS-9XS3-6byQ6InayNPR4vTje3fWKBbWxEgyJy10O7CTrf5BdN3_z-47ZDrV6czKdL7MAGRJW2EoCsvPVMyw_yuN7uM_xcwi501kb614sXvl0Qa-ZQhFPItOIFTRqXm09XyNVUQ5ldsDq2momvmvCiMkDqYkBCaMeLbWKgv94wu_IDaIhJJTQzL9fTbqUIbJG_75hAbfAKadIT-Y5OqHMe4yBlf_CBS9QhlPgPr8qiwfdninUa6FTGyQCkoXBv9MoER6K5PXTorwvW14WpcQCNommpGcnNersI49atUlRKTPO9L3fHyWMjG7Iek5BuDgXf9OWr5zUCCS_7bbQT9Im4mMA81Rn_H_KynifsBhrzhH-JF2EwaPLUgZivps&sai=AMfl-YSufXheqaDiQ-A0VpiTMNI4Exs0cl2k2lxWkqvqzVBeZsn3tiSFR0C70S9CAUa89aAIHxl6GSmAAj40fsT6gwnYwczpBR4vIyVjApvhRMG5HIfcc2kni62oUwdPKOTWDVtTdVj1YbTa-IXS1M7xHPJzBs1yHZozKCLhSzCIP-VImoCGx6g&sig=Cg0ArKJSzBCsSjUkxfQuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=436&vt=11&dtpt=257&dett=3&cstd=174&cisv=r20230426.73527&arae=0&ftch=1&adurl=
Requested by
Host: showbizstar.ru
URL: http://showbizstar.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 May 2023 15:43:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdcee888032df2709f5e05a19b50a097665b34f0c9e8d5efa01f8ddf89af0fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11120
x-xss-protection
0
%D0%BC%D0%B5%D0%BD%D1%8C%D1%88%D0%B8%D0%BA%D0%BE%D0%B23-330x140.jpg
showbizstar.ru/wp-content/uploads/2021/07/
8 KB
8 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2021/07/%D0%BC%D0%B5%D0%BD%D1%8C%D1%88%D0%B8%D0%BA%D0%BE%D0%B23-330x140.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
f452f43e94619df02e38ca31500f265641541e9a06c89f3e0485cba8dd0035e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
last-modified
Mon, 12 Jul 2021 15:05:19 GMT
server
nginx-reuseport/1.21.1
etag
"60ec5a2f-209a"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8346
expires
Thu, 01 Jun 2023 15:43:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8046275555674737&plah=showbizstar.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 May 2023 15:43:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D222
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:12:26 GMT
expires
Wed, 01 May 2024 15:12:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DD4
783 B
969 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
53e897e8d232c0aae8eed18b047f1fed63ce70f3a886ae36682712ea2898befb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jquAAcU1vkebrzaZ90hi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://showbizstar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jquAAcU1vkebrzaZ90hi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:43:04 GMT
expires
Tue, 02 May 2023 15:43:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame D222
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
502235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=3649869842442817&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Kendall-Jenner-3-330x140.jpg
showbizstar.ru/wp-content/uploads/2023/05/
11 KB
11 KB
Image
General
Full URL
https://showbizstar.ru/wp-content/uploads/2023/05/Kendall-Jenner-3-330x140.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.118 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.oscar1.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
40e10f5100459ee5b1152009e90b790d5481b3c4e229f7012fecff548060ec97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
last-modified
Tue, 02 May 2023 10:57:05 GMT
server
nginx-reuseport/1.21.1
etag
"6450ec81-2d12"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11538
expires
Thu, 01 Jun 2023 15:43:04 GMT
generate_204
tpc.googlesyndication.com/ Frame D222
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?mcqPbw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 15:43:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F3A4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuliKPRJ2gf0hfCftxZmUijPkcpdEpSHgsNi1wSplMONHNKTAH-3ag-7yrw65tx_oQaLesmU85N8b5tVC70G-iKm7GB4kDuoHDrEJ4maGs7dQyZaJo3C-fRVoRwucaBRm_OKSoWFA&sai=AMfl-YQt1UxMrkViaqioS1B_bfXvHFB-xrMKHw818EnppeHiry1CGwoTnEPwHOiHfRrEl7Il59W5qj1SXvMw&sig=Cg0ArKJSzLpi9nrwhzL1EAE&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1683042183660&rpt=302&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FF05
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA5TXyjnHBb9GIF-6gbw5IqeSc1vdWMWxJUFKEh-BsPeiqv6LAfItXdqsYge8lKv0955WQEa5sBGbcx8YL4XDu9yN6p0LpbQmF0FLYMia9RhIQc9ARS_ZPbnFE&sai=AMfl-YQhoX5cF9yn_rfTjd3jGI7qqeB6ULWzyCUweSfz8Q2VfydN4THOUIE3mgiG42g7x858cpbiVxX0BX9q&sig=Cg0ArKJSzFCrG0Chdo3JEAE&cid=CAQSGwBygQiD6GUGKRzrP4EMfzwbtr-SzTMFjhZUHBgB&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=570,1002,1002,1002,1002&tos=570,432,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1683042183788&rpt=434&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=3649869842442817&bg=!SkmlSR3NAAb9Sbh13Uk7ADkAdvg8WpVpNY3vafyLsen4PzOmXlwJ73ehI9yGdOR-0EXLjvPxdk6gMcpflYZHBKIHpJbMSqY0Z3ACAAAAn1IAAAACaAEHmQLY01MuhBK86JdYv0IH9rHNQpPxzBQrdxauPkXiBaQKnb_518B-s54qe5yKu8IjP4rqWypck4Ozjrq2WK7cxocIePo163y4soNxgF4Ra2_tombsshK_cTBSFHUXZNzX8G-K3k1MLA3PKWgru7mjKzkYSv1wDai5uzhBrgdCOH7F3GDhgXbgO1b6QGs4cfqVN4gz5Hj8Zu94zOyONay2eISEa2LAq1sl0WLB7LDwm5so5fk5uNevTJpUpFA39acAh4BBIdDlKMgJFU4b7hBwQomXmIn9RhNFkDoSHBr26T8bjT5b84qDruhT2Lt74Gxf9DWv2nEyEad5OhUEQIxR5w24i5Z0uR8a8SIjfvrIVeWJhYa6ENZp1wQPRg4F2t343DaSbkRbXN9WHOQ7iS-bfvruHD3a8smxgAeWp4CO44gsfXMuYDBaWGf1gQajRDEmpqZrtpqo7dXmxuGhe9SVr3PD8L78WHcnRsQmATlwWUj5nZeY77n8gFcAWYjqNgSTJsV01yZ-ePx3Q5reQa-V3HEgiIApPsR11yK4cxulAVpwhFYedOPXIo2I3dKmLTdTBkraHp119FgMzwulMOhdvk21mP1TSmtuNZ0wODQmo7TD_o3peB51AV2r6tB2y5JnYDz641gsnxMT2CGLSjIMDzxXP9h_Yl2JX-A9YvEM21fHG-ebbKtGuhFMarYD7g6FsjsW6tVCjr23utURl-6cSFB2vEvfIvxh6abutBNW7TC46q8qunEx7VqtdikXgXLpDYSpDI-medUTsjRXYUOJNXcTet0vcyc3e8p31xuXyBe3hUz0L-D59jfLhbcvAOll0UK8_Om5cWe1bXFnWHzKprq0juDjVk2bjrnlFZKfAneesLO0R3ubH9062PLCERyvpNcLdbdWKQpSShAuThM842IqmcWN7IqbsrzTLn_mpMe3deEij8oPuucmVq3mk4ji3f4N_MeQ2fCcJ5M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://showbizstar.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame FF05
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3397626113560&version=m202301230201&ct=119&x=1&cor=7146452841508733000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 15:43:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle function| Swiper object| settings_array object| wps_ajax object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded object| lazySizes object| wpshopSwiper string| top_menu_mobile_position object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| gaGlobal object| gaplugins object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.showbizstar.ru/ Name: _ga_WN83Y015T5
Value: GS1.1.1683042182.1.0.1683042182.0.0.0
.showbizstar.ru/ Name: _ga
Value: GA1.2.1354988519.1683042183
.showbizstar.ru/ Name: _gid
Value: GA1.2.928805372.1683042183
.showbizstar.ru/ Name: _gat_gtag_UA_200606446_1
Value: 1
.showbizstar.ru/ Name: __gads
Value: ID=eab98f321305df44-227214fab7dd00c0:T=1683042182:RT=1683042182:S=ALNI_MZwonmplgMuDsjysrG9KqqocZn1-A
.showbizstar.ru/ Name: __gpi
Value: UID=00000bf4e48886e1:T=1683042182:RT=1683042182:S=ALNI_MZhxAPZZC8GON3e-5E2BUyLYOmqxw
.doubleclick.net/ Name: IDE
Value: AHWqTUngRJ0yjA5RA0nsUbMlgycIgezTZp4t13u-Re_8bl7a1f6ybnUrDVN4D-c9wkM
.casalemedia.com/ Name: CMID
Value: ZFEvh.12LSE9NPxVh5auCgAA
.casalemedia.com/ Name: CMPS
Value: 5201
.casalemedia.com/ Name: CMPRO
Value: 5201
.adnxs.com/ Name: uuid2
Value: 1143092965831524129
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$GCky=0!@wnfH8K6pQK`!5=E<*L5?%KNkChA^f@bXnh-L0a5d-U1`HP2@A1sYUS`]*!%nugO%v4VB%nlFD)c^q$
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8046275555674737&output=html&h=280&slotname=7341133236&adk=3079527149&adf=232494035&pi=t.ma~as.7341133236&w=1090&fwrn=4&fwrnh=100&lmt=1683042182&rafmt=1&format=1090x280&url=http%3A%2F%2Fshowbizstar.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683042182453&bpp=2&bdt=450&idt=258&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=913133703214&frm=20&pv=1&ga_vid=1354988519.1683042183&ga_sid=1683042183&ga_hid=1240913754&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=255&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759927%2C44759876%2C44788441%2C44789761%2C44790154&oid=2&pvsid=3649869842442817&tmod=1750032204&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=iSrOsXr4vD&p=http%3A//showbizstar.ru&dtd=262
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
showbizstar.ru
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.186.34
178.250.1.6
185.80.39.216
185.89.210.180
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:800::2004
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::c
87.236.16.118
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09df6a6552e9ec0a635e7122ccc7d4c99ae36176c1c84ed34bda715ce29b0695
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
108d4173838f9a382cf7d7f380bc034375ad25d28ca4e5ff0e25898c21a29030
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19e108654cdad8d8c68a56b51a36b7412d0f1a5b3062d8f0dcef455e193fa324
1f63d37176e96d3a8468c7664a0a72d314f934c075bdf5c9d0eaa04a94bb94a6
21b54f30b2790a8254cb82b3b32645dfb5c6c7dd669767c62ce2d26e07301de7
251401c02761c0d8df753e9afaeedbacb107a74a57728aa5116044dc8bf4e79a
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
29aab4e8ef36ac96b31bfdc7625207d595e2e0eb03dafe40c8beea0f58faae4e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cf2901ad1e74d326075770da72eb99ec5d628dbe603d13a296c79021c6f1965
2d8b6b74824a19961f715e79bb50029065b1aa5c81428e5b47fd1ccc854a477f
3064985f885077e29c807522c002a661513396d58bdc3c1d4f21052812326d85
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34566586b3286863c27e440e6f4a3c996f81ce53ba7eac835ae73ef537c66d96
3e34a2ad74039bbe3d9878c92bef7d872fdef7b72d3d37123ea452f6cc70b546
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
40e10f5100459ee5b1152009e90b790d5481b3c4e229f7012fecff548060ec97
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
46eb2c66cea96d8f2ff202f45b92c2590b4a98fc32b7a8c13d9ff7caddc29b8d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6d0852e50ee0a548650e749858af9b0e5154a463f5c0e60839efb931e8dc45
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53e897e8d232c0aae8eed18b047f1fed63ce70f3a886ae36682712ea2898befb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b25e02dcd9275b6dd46bfd1833287f2670730f770153e114dd94bfc6dfbe8
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d219084b8cb14eb52e6081812e02d005a0f38830ef66f4f754319995913703
67269c188734c4a76b48b8b1d99901bfd340ae4af7293c6516cad1ac2bc62362
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c229d6173666048f0654945567c56d6d159e3ec383b914c220ff68d26d8fdbc
6e64c296ec03016c7f655e77f99d655a71e2e98a4dc3613774c2a92fac79b77b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b32ba1353f8afe9c76396d3f7693e2b88e03a42193df47eccb62d775647e31
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
766c3d2bef584e25a10c0268e288ed28a8dc689351782db792a246e3a7c35d05
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
7ad5a67597b873ba56a2f16364ac27d3626339da13749059f44cfc62d17e01a6
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
846498b01abdb8f4be4e0806ff5144ca647e1ab278c570af13ffc9dafa345068
86423a6ca95e0453e3411953509af199ad1504fb91cc13b567021e7abeed683c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f99bc8844fcea57f0e84019376b273077e20f295ef256612ea557d3a6f2cd51
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9ea027ac2c8047e44a569d1625acb59c1e4f25a484de0bbd053ef1eb5d490f96
9ecf36623d7ae48b3b1dda4f4d66966a2f062e2b754fd79d0fa63f8898947837
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0034a8a0b3a99a5eec395ba97f4af69bb4dc4e0b560663cccea314501f9ac2a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a440695e0a007d2ca741bbae89df69d572544c20f3da597531c42b4a856474d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba50339919a90068858c8ef567edba5d9e31a0572f1a818fad26c6300b52610c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdcee888032df2709f5e05a19b50a097665b34f0c9e8d5efa01f8ddf89af0fc7
bdeaf8670e736c57d2205cf898e02ad5bd71320a3c0dc0fb6676d12033b61db7
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d509c6a9542e235d1451c1215f69357c70dc358c33dab1f92ea929d19edc9829
d60d4a9508ed8edf15bde82fee4869abfa7d5f12671cdd002a7630304068d6c5
d627d5f88f86813c582ecb5622da7243ab3327ebf83db188fd5211643ca5e6a8
d69525c9d86a15cbe0863330ce2f39ede18ab33fd593117cc7955fa3a899d083
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9d7a127e58c45ac16c95f2635500671e9b93bd932361f0dedeb085354d2d422
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
ddccbab392901d3cf7568f12976be1a9843afec38283c7d77c1f711eb4f8fc83
dfce7661990990ec6c1d5b9fc81ff67472dc95e685198a2a02d3d775d90ea75e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e448f424e7e314ecb9ea1b1bf0e3337b6c7441886c563f7e98ea7da0a233e54d
e7ac8c213a39acac1c68e7764de0275c26a2ef93eab2ef8c91f542d65c230cfb
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e911424c07e0ce6aaaa9a92dbb80599bd7907400f1d42b990551c2fda16926ba
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ed5b054b3d1d550e89618cfea32ea7d54d7b9b5cdb3294c77232fa3383a47c8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f452f43e94619df02e38ca31500f265641541e9a06c89f3e0485cba8dd0035e5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad