www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru Open in urlscan Pro
45.147.197.153  Public Scan

URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Submission: On July 23 via api from US — Scanned from US

Summary

This website contacted 38 IPs in 6 countries across 39 domains to perform 242 HTTP transactions. The main IP is 45.147.197.153, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.147.197.153 204601 (ON-LINE-D...)
2 12 2a02:6b8:20::215 208722 (GLOBAL_DC)
2 2a02:6b8:a::a 208722 (GLOBAL_DC)
5 2607:f8b0:400... 15169 (GOOGLE)
12 2606:4700:303... 13335 (CLOUDFLAR...)
11 2607:f8b0:400... 15169 (GOOGLE)
1 5 2a02:6b8::90 208722 (GLOBAL_DC)
1 2 88.212.201.198 39134 (UNITEDNET)
1 89.184.81.35 28907 (MIROHOST ...)
3 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2620:100:a001... 19750 (AS-CRITEO)
1 2620:116:800b... 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 38.98.69.175 174 (COGENT-174)
1 26 142.250.176.194 15169 (GOOGLE)
2 2 151.101.2.49 54113 (FASTLY)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 74.119.119.150 19750 (AS-CRITEO)
3 3 35.207.24.140 15169 (GOOGLE)
36 2620:100:a001::4 19750 (AS-CRITEO)
4 74.119.119.147 19750 (AS-CRITEO)
34 2620:100:a001::9 19750 (AS-CRITEO)
9 2620:100:a001... 19750 (AS-CRITEO)
1 2a02:6b8::16b 208722 (GLOBAL_DC)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 20.85.134.6 8075 (MICROSOFT...)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 18.214.189.251 14618 (AMAZON-AES)
3 3 104.66.251.81 16625 (AKAMAI-AS)
2 2 15.197.193.217 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 52.1.202.173 14618 (AMAZON-AES)
2 202.233.84.1 131957 (MICROAD M...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
8 2600:141b:900... 20940 (AKAMAI-ASN1)
2 2600:9000:21d... 16509 (AMAZON-02)
2 4 142.251.40.134 15169 (GOOGLE)
2 34.193.152.182 14618 (AMAZON-AES)
4 2620:100:a001::3 19750 (AS-CRITEO)
2 2 185.167.164.39 198622 (ADFORM)
10 34.117.228.201 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
242 38
Apex Domain
Subdomains
Transfer
79 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
imageproxy.us.criteo.net — Cisco Umbrella Rank: 2841
csm.us.criteo.net — Cisco Umbrella Rank: 2844
513 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
ad.doubleclick.net — Cisco Umbrella Rank: 184
230 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
269 KB
18 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
rtb0.doubleverify.com — Cisco Umbrella Rank: 721
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2173
tps.doubleverify.com — Cisco Umbrella Rank: 513
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1398
258 KB
13 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 2755
dis.criteo.com — Cisco Umbrella Rank: 607
cat.va.us.criteo.com — Cisco Umbrella Rank: 2571
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6416
184 KB
12 frontroute.org
xp4stm90bvzr.frontroute.org — Cisco Umbrella Rank: 863840
12 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6850
213 KB
11 bookmp3.ru
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
297 KB
8 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2029
an.yandex.ru — Cisco Umbrella Rank: 5297
mc.yandex.ru Failed
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 32371
121 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 117
www.google.com — Cisco Umbrella Rank: 3
621 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
225 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1833
3 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1161
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
21 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 261
10 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 610
1 KB
2 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 2007
780 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 672
1 KB
2 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 6832
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1706
1 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4573
888 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
912 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1466
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 737
841 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 1937
1 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11639
2 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7499
543 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5329
611 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2149
173 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
716 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8884
557 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 6595
731 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 811
463 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
77 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1178
601 B
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 172151
739 B
0 mail.ru Failed
ad.mail.ru Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
242 39
Domain Requested by
36 static.criteo.net ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
34 imageproxy.us.criteo.net ads.us.criteo.com
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
26 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
12 xp4stm90bvzr.frontroute.org www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
12 yastatic.net 2 redirects yastatic.net
11 pagead2.googlesyndication.com www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
11 www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
9 csm.us.criteo.net ads.us.criteo.com
8 cdn.doubleverify.com ads.us.criteo.com
cdn.doubleverify.com
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
8 tpc.googlesyndication.com googleads.g.doubleclick.net
5 an.yandex.ru 1 redirects yastatic.net
googleads.g.doubleclick.net
5 securepubads.g.doubleclick.net www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
securepubads.g.doubleclick.net
4 rtbc-ue1.doubleverify.com cdn.doubleverify.com
4 rtb.va.us.criteo.com googleads.g.doubleclick.net
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
4 ad.doubleclick.net 2 redirects ads.us.criteo.com
4 cat.va.us.criteo.com ads.us.criteo.com
4 ads.us.criteo.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 px.owneriq.net 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 www.google.com googleads.g.doubleclick.net
3 www.google-analytics.com www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
www.google-analytics.com
www.googletagmanager.com
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 tps.doubleverify.com cdn.doubleverify.com
2 cdnjs.cloudflare.com ads.us.criteo.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 c1.adform.net 2 redirects
2 tracker.samplicio.us ads.us.criteo.com
2 d.agkn.com ads.us.criteo.com
2 aid.send.microad.jp googleads.g.doubleclick.net
2 match.adsrvr.org 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 px.ads.linkedin.com 2 redirects
2 ums.acuityplatform.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
2 yandex.ru www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
1 dsp.adkernel.com 1 redirects
1 fksnk.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 matchid.adfox.yandex.ru yastatic.net
1 dis.criteo.com googleads.g.doubleclick.net
1 aep.mxptint.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.googletagmanager.com www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.hit.ua www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
0 ad.mail.ru Failed yastatic.net
0 ads.betweendigital.com Failed yastatic.net
0 mc.yandex.ru Failed www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
242 58

This site contains links to these domains. Also see Links.

Domain
mir-knigi.info
vk.com
www.facebook.com
twitter.com
bookmp3.ru
www.liveinternet.ru
hit.ua
Subject Issuer Validity Valid
pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
R3
2023-06-23 -
2023-09-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
frontroute.org
E1
2023-06-25 -
2023-09-23
3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018
2023-07-10 -
2024-01-07
6 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-04-08 -
2023-10-07
6 months crt.sh
hit.ua
R3
2023-06-13 -
2023-09-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
www.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-27 -
2023-09-23
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-27 -
2023-08-27
3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2023-10-13
3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-04 -
2023-08-31
3 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018
2023-06-01 -
2023-11-24
6 months crt.sh
tr.blismedia.com
GTS CA 1D4
2023-06-09 -
2023-09-07
3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018
2022-10-05 -
2023-11-06
a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
*.samplicio.us
Amazon RSA 2048 M02
2023-02-16 -
2024-03-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh

This page contains 18 frames:

Primary Page: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Frame ID: 58F72C7F030570EC7998EC3AF3F5E30A
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 283FDFACFD6327A8A0BBA1101651F606
Requests: 1 HTTP requests in this frame

Frame: https://acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C913C60E5B3F9267040423A6DA5E3FDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Frame ID: 3A3CD79218F31C7C63F26EB5B0538263
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1690152109&plat=2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109227&bpp=3&bdt=2363&idt=397&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=710x178&nras=1&correlator=4611190033106&frm=20&pv=1&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=483
Frame ID: 95223A141478E5F86C6CEA03FC89ED97
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: 0F127DA029A0B9E9A64C786C71920FA5
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A74B9E167BCB4BD1C3016B36573E0C5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 81BD00682C0013416730CEB46B80C5D6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0D732A5DC5744E88080CC99751B34BE8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0AA1582E841638A8414D43DB5B869549
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: 9491F356091988F4777377EE6E2C0624
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F18846BEB4B69593671CB2D6140C24AA
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: 593DC9230C3E58CEDDFF850C37E17D5A
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F31E4A1AC74B14BA1B4CFC0427A9E5F4
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Frame ID: BDEF404B81E060C24DC4C866FC5EBB04
Requests: 45 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8C0172A4D51849DB7BC414F146DF9AB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4309.js
Frame ID: FD3E996EC1A765BF9DA28CEB61EB0FBA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4309.js
Frame ID: DE2DA710BC4819A90E469D049D666279
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Аудиокниги слушать онлайн бесплатно :: bookmp3.ru

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

242
Requests

87 %
HTTPS

55 %
IPv6

39
Domains

58
Subdomains

38
IPs

6
Countries

2422 kB
Transfer

6919 kB
Size

52
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
  • https://yandex.ru/ads/system/header-bidding.js
Request Chain 5
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 34
  • https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374 HTTP 302
  • https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374
Request Chain 59
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 60
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEEneW3wRnQ48ngkCq3S-uHM&google_cver=1&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D
Request Chain 61
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_cver=1&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg
Request Chain 62
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENw7_fRklOb0-qngjYUi0hI&google_cver=1&google_push=AaAOQGE4mTmxJ9nExJKQpoNcHRuntl7kLznkWZuBQseWZiE1lBnxyhub6XpkjhTORhP4v3eQGhuOBsENeTd_7gIkgnBPCiaWLVkZ9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Request Chain 64
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ
Request Chain 113
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w
Request Chain 114
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECtep4f_dmBPcTywV19_faQ&google_cver=1&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg
Request Chain 115
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ
Request Chain 116
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBbWhk_4CvvAC4GbeUXt5rU&google_cver=1&google_push=AaAOQGGS0Br68XvLyUGHc8RuXUU_7l84IfhkxYRQO8H0qI9fK-0SdwhqhQorx9GrCkbVWr5FFh_AKm2WRwkCpYA9uwk9rhUOPau4pg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Request Chain 117
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARadEqESJPL5GZ6Y5_J5CA&google_cver=1&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B
Request Chain 118
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKD-Y2iQBhUghgqMERA2Dvo&google_cver=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5
Request Chain 119
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M
Request Chain 128
  • https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM%26google_cver%3d1%26google_gid%3dCAESENnBL5YoBEPnHVbWLVB99Fs%26google_hm%3dUTc0MzQzODUxMzEyMjU5NDU3NjU%3d&uid=Q7434385131225945765&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU=
Request Chain 129
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE
Request Chain 130
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKLgPdeqxx2Y-CbY HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKLgPdeqxx2Y-CbY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265
Request Chain 132
  • https://fksnk.com/cs/google?google_gid=CAESEAGG2YdViTPEOvL-aTMRN3Q&google_cver=1&google_push=AaAOQGGQ7lxbfwv7gEkmm9ANnwFqmlCF4Wux0Vp8fXQc4DH6lFcvzTM3Wqpjyp-oFIr0PoRxk9KAnaiXgFoKK3IEtmAGDALJJGLCVz0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==
Request Chain 134
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFu_1kV4HM1-0LHymZ8EPFQ&google_cver=1&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk
Request Chain 144
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 156
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 158
  • https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ
Request Chain 159
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4
Request Chain 160
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ
Request Chain 162
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4
Request Chain 163
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf
Request Chain 164
  • https://an.yandex.ru/mapuid/google/CAESEAZ4L9UawxFOju4NZcxYa84?ext-param=AaAOQGEe-utf3PiT-_dtWYjR-UwDKpLKWdatlB2CNICfNwM7FXqj6npXEoMbTeNZm3_dzO1STnLjKEIN_2_uw-7mU2hXOlUXWe8Zj_aq&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAZ4L9UawxFOju4NZcxYa84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif

242 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
69 KB
14 KB
Document
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard / PHP/7.1.33
Resource Hash
38e28838e82e723c0937fd7a7a445231d26da9a3471f935b70a1590ebf334b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=1, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 22:41:46 GMT
expires
Sun, 23 Jul 2023 22:41:47 GMT
server
ddos-guard
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
jquery.js
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/
334 KB
94 KB
Script
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/jquery.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
b9db30db84c353b393ebed43c0803e40d62453ec010584b9449a28f0348cd01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 08:53:06 GMT
server
ddos-guard
age
1
etag
W/"536b8-55b2d6f820080-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Sun, 23 Jul 2023 22:41:48 GMT
main.js
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/
860 B
537 B
Script
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/main.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
a94755ecd90a113ceb5ffbb9a9834639bbf215711895074c4181eb309929ca25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Wed, 25 Oct 2017 18:13:28 GMT
server
ddos-guard
age
1
etag
W/"35c-55c630327a200-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Sun, 23 Jul 2023 22:41:48 GMT
style.css
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/
94 KB
15 KB
Stylesheet
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
47a37cabd33f930dd28119e3ba60cca269770f1b2a774a52bad0a75d8076cd8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Wed, 30 Jun 2021 13:22:17 GMT
server
ddos-guard
age
1
etag
W/"17698-5c5fb9c888be4-gzip"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
MISS
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Tue, 22 Aug 2023 22:41:47 GMT
font-awesome.min.css
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 15:14:28 GMT
server
ddos-guard
age
1
etag
W/"7918-55b32c3619d00-gzip"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
MISS
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Tue, 22 Aug 2023 22:41:47 GMT
header-bidding.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/header-bidding.js
  • https://yandex.ru/ads/system/header-bidding.js
110 KB
32 KB
Script
General
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b38bb9174e4b7d8a2dcf5eb8cc14bf1a817b1cf9b4fe89be4cdca41d81a9fe4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1690152109784890-2578126979290290759-balancer-l7leveler-kubr-yp-vla-89-BAL-660
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 23 Jul 2023 23:41:49 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:48 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/header-bidding.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
299 KB
86 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
14183a716359538cd1a83370852fde94873368c0a9f25ab7c3d49998a9a4e45e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1690152107843789-11712827879497655329-balancer-l7leveler-kubr-yp-vla-39-BAL-633
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 23 Jul 2023 23:41:47 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:47 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/context.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5778015c5eae392238e71afe2e2f9671279706b000e79702f3e7ccf061825a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27593
x-xss-protection
0
server
cafe
etag
536 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:48 GMT
audiobook-kryzhovnik-4.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/5/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/5/audiobook-kryzhovnik-4.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-morskie-piraty-1.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/4/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/4/audiobook-morskie-piraty-1.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-ballada-o-bete-2-1.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/3/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/3/audiobook-ballada-o-bete-2-1.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-rasskazy-192.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/2/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/2/audiobook-rasskazy-192.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-paromshhik.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/1/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/1/audiobook-paromshhik.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-iskopaemoe.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/0/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/0/audiobook-iskopaemoe.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-lermontov-odin-mezh-nebom-i-zemlejj.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/9/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/9/audiobook-lermontov-odin-mezh-nebom-i-zemlejj.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-chelovek-v-vozdukhe-2.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/8/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/8/audiobook-chelovek-v-vozdukhe-2.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-chelovek-na-zemle.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/7/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/7/audiobook-chelovek-na-zemle.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-dvojjnjashki.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/6/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/6/audiobook-dvojjnjashki.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-zelenoglazaja.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/5/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/5/audiobook-zelenoglazaja.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

audiobook-poslednjaja-dver.jpg
xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/4/
0
0
Image
General
Full URL
https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/4/audiobook-poslednjaja-dver.jpg
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc25fc67607a742cbb41927e3bfae89fc997eec43403def4504eff6196be9247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50552
x-xss-protection
0
server
cafe
etag
4821215974486258649
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:48 GMT
webfont.js
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/
13 KB
5 KB
Script
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/webfont.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 08:53:02 GMT
server
ddos-guard
age
0
etag
W/"3384-55b2d6f44f780-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Sun, 23 Jul 2023 22:41:48 GMT
audioplayer.js
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/
386 KB
58 KB
Script
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/audioplayer.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
f919c02713441d1502a5297ec6201783ecf8070a47d5df866a78ca2fb83bc865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 14:24:22 GMT
server
ddos-guard
age
1
etag
W/"607be-55b321035b180-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
cache-control
max-age=2592000, private
accept-ranges
bytes
expires
Sun, 23 Jul 2023 22:41:49 GMT
75b0c05746e0ec17b275.js
yastatic.net/partner-code-bundles/811264/
14 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/75b0c05746e0ec17b275.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
01bbd04b53f2ec0af5db711376da442d3e2429f314d69d5322c41aef639ab4f2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4773
last-modified
Fri, 21 Jul 2023 12:54:34 GMT
server
nginx/1.17.9
etag
"8efb03ed386b64d610dfc40892984c47"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:45 GMT
4cac75b844ecfdb16518.js
yastatic.net/partner-code-bundles/811264/
24 KB
8 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/4cac75b844ecfdb16518.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
973e69880577fa077648ed919cbaa1bf4a9bf6f79c2c316f81f8ada445d2ccef
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7954
last-modified
Fri, 21 Jul 2023 12:54:34 GMT
server
nginx/1.17.9
etag
"9c4e8779668d7e8232e4487094226f1b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:45 GMT
3657ae4844a1b50d2af1.js
yastatic.net/partner-code-bundles/811264/
126 KB
26 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/3657ae4844a1b50d2af1.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1108265cb00e11491bfbec9fca7a6e0a4b1009230a6f234c2aa8a0939b94d8e5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26350
last-modified
Fri, 21 Jul 2023 12:54:34 GMT
server
nginx/1.17.9
etag
"4afe10371848c0467a1fbf12db107d69"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:45 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:15:18 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
2090d1a1e8f5548d
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jul 2024 04:28:30 GMT
8c2c23f3dd1516c65c21.js
yastatic.net/partner-code-bundles/811264/
7 KB
3 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/8c2c23f3dd1516c65c21.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7601820eaeeeb9533f50dec8af4fb8925130830b6aade82a713ce07435502925
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2086
last-modified
Fri, 21 Jul 2023 12:54:34 GMT
server
nginx/1.17.9
etag
"6d449c77cac5ea1ba8d08d79bd6b43ec"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:45 GMT
f190aa208013171cae70.js
yastatic.net/partner-code-bundles/811264/
621 KB
117 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/f190aa208013171cae70.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
26a07b147c245d38b2dc84b78a2fbd46f303e703099e871ba8ae9a84ba6cb865
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
119482
last-modified
Fri, 21 Jul 2023 12:54:35 GMT
server
nginx/1.17.9
etag
"fe0efcee5a4ef656aae2604358722dcf"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:45 GMT
fontawesome-webfont.woff2
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Oct 2017 15:17:21 GMT
server
ddos-guard
age
0
etag
"12d68-55b32cdb16240"
ddg-cache-status
MISS
cache-control
max-age=1
accept-ranges
bytes
content-length
77160
expires
Sun, 23 Jul 2023 22:41:49 GMT
bookmp3-logo.png
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/
27 KB
27 KB
Image
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/bookmp3-logo.png?v1
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
12d8aae0cf51d039bfbef1c8f7ec828851423f05c8f9e5d290b2c2e15cd9a8a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 21 Oct 2017 10:38:23 GMT
server
ddos-guard
age
1
etag
"6d15-55c0c3048e5c0"
content-type
image/png
ddg-cache-status
MISS
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
27925
expires
Tue, 22 Aug 2023 22:41:49 GMT
icon-menu-dd.png
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/
190 B
267 B
Image
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/icon-menu-dd.png?v1
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
db0d17ee9c24794dc313d2588c0c19bccccb2f7439a0dcb6be8cc985df84baf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 12 Oct 2017 17:43:11 GMT
server
ddos-guard
age
0
etag
"be-55b5d12ea89c0"
content-type
image/png
ddg-cache-status
MISS
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
190
expires
Tue, 22 Aug 2023 22:41:48 GMT
icon-search.png
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/
380 B
490 B
Image
General
Full URL
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/icon-search.png?v1
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1670795.nvme.had.yt
Software
ddos-guard /
Resource Hash
3be3f024c46ff93eb55bb00f599911ef69c7957b19c8c3df9aca743259f35ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:48 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 12 Oct 2017 17:41:41 GMT
server
ddos-guard
age
0
etag
"17c-55b5d0d8d3f40"
content-type
image/png
ddg-cache-status
MISS
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
380
expires
Tue, 22 Aug 2023 22:41:48 GMT
v2
an.yandex.ru/adfox/264109/getBulk/
211 B
822 B
XHR
General
Full URL
https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=1191866169&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A48.849%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488617477&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A810%2C%22top%22%3A-12%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaqk&p2=gxwa&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
14facf711b8ccec81c7aac3fbaffb254f4a151188821e380ba881fae86f15a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Jul 2023 22:41:50 GMT
x-yandex-req-id
1690152110433672-672265383983212751400210-production-app-host-sas-pcode-177
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 22:41:50 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374
  • https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374
753 B
1 KB
Image
General
Full URL
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a61735542ef93f832ab8321f9670a83ff11f58b5e122b2fb014199e32de05312
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:50 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
753
Expires
Sat, 23 Jul 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:49 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 23 Jul 2022 21:00:00 GMT
hit
c.hit.ua/
471 B
739 B
Image
General
Full URL
https://c.hit.ua/hit?i=84925&g=0&x=1&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8316217694922123&r=&u=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
705ac0c572d53dd9bc0678c171794e9463e8100858f936681dec07c838881993

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="UNI"
pragma
no-cache
date
Sun, 23 Jul 2023 22:41:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
server
nginx/1.17.9
expires
0
watch.js
mc.yandex.ru/metrika/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Jul 2023 22:11:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1841
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 24 Jul 2023 00:11:08 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 18:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
16104
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 22 Jul 2024 18:13:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
83 B
99 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb9b602388460394170e0c1a372d28a241c1eb711ed6c20c3fa2caa6140d8eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
expires
Sun, 23 Jul 2023 22:41:49 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/
360 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2498e5a286c71ac73c23682741374ca2a7d5d144722dfd7612d027f1b8abb51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126189
x-xss-protection
0
server
cafe
etag
10275990977203466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 283F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
49561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 08:55:48 GMT
etag
12368291122986407432
expires
Sun, 06 Aug 2023 08:55:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
15 B
256 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1961258191&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&ul=en-us&de=UTF-8&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1060233520&gjid=1557946413&cid=1167766464.1690152109&tid=UA-109514583-1&_gid=1500015306.1690152109&_r=1&_slc=1&z=444379814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bc4540a14193a6537e0c03127bbf19848e6226bd437f2550d18f1f385c55eccb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
1 KB
529 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4066533587057257&correlator=4485492980103824&eid=31072019%2C31076312%2C44797784&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21635236099%2Cbookmp3.ru%2CM_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=218515113&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1690152109419&lmt=1690152109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=true&dlt=1690152106865&idt=2499
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba59d70cd5715a82ce131dd651b62a84831867180a256af80e37ab7be800f7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
499
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C913
6 KB
3 KB
Document
General
Full URL
https://acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:49 GMT
expires
Mon, 22 Jul 2024 22:41:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/
37 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f0f1071ab7fcf6a87e947376a3d52b3cdbffe66c5a0acfc72a6e17fbd4a4eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 13:11:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
34248
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13169
x-xss-protection
0
server
cafe
etag
3859843786994776570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 22 Jul 2024 13:11:01 GMT
cookie.js
partner.googleadservices.com/gampad/
387 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&callback=_gfp_s_&client=ca-pub-1618592205083780
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
200e85dab4757803a718dcf0212602887d28fe0dfb611053c9f405be297a2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A3C
37 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
362eca2bf586d629b5654ef69c17502743d189c7c843a88e88e8aaf86cee9dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15911
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:49 GMT
expires
Sun, 23 Jul 2023 22:41:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=b-topbar&ign=false&pw=1600&ph=1200&x=800&y=0
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9522
172 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1690152109&plat=2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109227&bpp=3&bdt=2363&idt=397&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=710x178&nras=1&correlator=4611190033106&frm=20&pv=1&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=483
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
305c4903bc22a439c99750026f138ca1ed69dbde08deb64a57b39675b1f943c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
26679
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:50 GMT
expires
Sun, 23 Jul 2023 22:41:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0452617e9015b85a178244fb2a35ace28b1db77bd4a2a58dbe25acc66e01522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 23 Jul 2023 22:41:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3A3C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3A3C
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
l
www.google.com/ads/measurement/ Frame 3A3C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRipI2mq2cxGLVsdomC0z_F_kYWGyZrrTIhf0HXIpV3z9gELtmu8kDzWahSTeDge0nDpHCThkD1LnZDQIVIq7ScRfGSiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A3C
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:50 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 0F12
105 KB
39 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e5de6df9647a24fced4405f1069a8088d9518a96d1cf6c1396c959987c0a6568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=mYGSzk5XRp0-3kmALDl6o2kKcwQWJqUbZ-HM7YqkKskYgnLxKHIJlqQiOyNRzcqONNB4Sbt5dDxPgn-RTV9F3DRtCk-c1orqrGZwe6qe8q3MTQxi4ckHjILwV523uokCEAg0hweGYtYsAATYUHMtWcqEeuTJf5DdEMC9kA6GedwTOT0vosQxRvf3oArmaP4hMiiKqTzJ_Jt0wTV7psmhPh1OnbeoKEkEEEmU4pbnffanuUDrtmHaMX66qMzLcIdyTIP0OA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
16114821
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7A74
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 10:00:00 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 10:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 7A74
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKMSrF1PzBmQ8MkVMjnuzNs&google_cver=1&google_push=AaAOQGFZIeTpkZW7ZLDuG1dg8ll-cRmZJHtmZ32C3naRn_B-5o5PSUYVh3eTjfd_u_aMvDIhKrL_hVaW3CAkPwFWEff2me7njRtLSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 7A74
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDD...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXz...
43 B
420 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7eb76ee1a8334bc0-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5571
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7eb76ee098244bc0-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A74
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEEneW3wRnQ48ngkCq3S-uHM&google_cver=1&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNj...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D
Date
Sun, 23 Jul 2023 22:41:49 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-373156890; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
348
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 7A74
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmL...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4545-YYZ
pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1690152110.197488,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7A74
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENw7_fRklOb0-qngjYUi0hI&google_cver=1&google_push=AaAOQGE4mTmxJ9nExJKQpoNcHRuntl7kLznkWZuBQseWZiE1lBnxyhub6XpkjhTORhP4v3eQGhuOBsENeTd_7gIkgnBPCiaWL...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 7A74
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESECxs0wIpXEKpefbkCeLOm7w&google_cver=1&google_push=AaAOQGGncP0glK_Fud34gY3uEWv2md2gMrCzXEaoVl4qpbePjyHLNAjGlX6Jv-82BW7xwUGtge6r8RisaV7eXolwcRgmO2aYgReY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
380619
expires
Sun, 23 Jul 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A74
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZE...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91u...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ
date
Sun, 23 Jul 2023 22:41:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7A74
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KA_GuajAgxAycS4JJkTbwvf3DzTKhNfKbFe6MYRTbQIrZyaRnGTFMmjHxGpKFDflrXB1A7Fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XR25G8TDFM&gtm=45je37j0&_p=1961258191&ul=en-us&sr=1600x1200&cid=1167766464.1690152109&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sid=1690152110&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:50 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0F12
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 17 Jul 2024 22:41:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0F12
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 17 Jul 2024 22:41:50 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 0F12
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=8mv_raGCShzmOLQz9Dw8IboXfVQzwX87-TAJjGGARC-uOURt_lK2kWNjI_phkclzh-HMY6JxLuxleJW-1TCFXGpQ4IOVbPQwRcmS0ARJWuWx7nBwJ1Rupn2a1a3ly5dPviq38oJh-sDg7-7w40Lqn7HXgsdz6QKBM89asbxsvE8tjxEzb0XpBIK6EiCs7zhKkW1KgFe5G0ChzcZqSeI8TlGrW65snexHrrn7rKBXeMpXc3CT0jPLT1wghZvjfNzgUEdykUZYLfNucGZxQAlOdIfuJgwWRFS-VIRygXf9RVdrxgUuGtgcDijI5LGXrim8lLWnQjz7GH1rbAipxGPzuB12Gm6VN0vZmisgHoCiKL6bDYZN7TfYTXJOWGAq_Qwps_6r-V8MzqJ0wp0BlXI_vtj47BPpVsf2ZV2_AvlN9nxvQ9On
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1810570
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 3A3C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e39a0733fc0ca48ac56314b49afc2cceb7d10b0c1102974a588bc6a307d3f134

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 0F12
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:50 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
360d4bb90ef57dc44ffeb05fe364a73b2728671c2fe122685f6f558a83e39d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53531
x-xss-protection
0
server
cafe
etag
7369311847679854289
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:50 GMT
img
imageproxy.us.criteo.net/img/ Frame 0F12
27 KB
28 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=352&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=284&s=HBfvElW0S6jGqeYZrlSX19Qx
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
50e4c20b2a1596f5618dbccb3ad11d4f42f18066d9f89bfe7cb6b6b633a1afcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
28037
expires
Sat, 01 Jun 2024 17:02:46 GMT
all
csm.us.criteo.net/ Frame 0F12
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=mYGSzk5XRp0-3kmALDl6o2kKcwQWJqUbZ-HM7YqkKskYgnLxKHIJlqQiOyNRzcqONNB4Sbt5dDxPgn-RTV9F3DRtCk-c1orqrGZwe6qe8q3MTQxi4ckHjILwV523uokCEAg0hweGYtYsAATYUHMtWcqEeuTJf5DdEMC9kA6GedwTOT0vosQxRvf3oArmaP4hMiiKqTzJ_Jt0wTV7psmhPh1OnbeoKEkEEEmU4pbnffanuUDrtmHaMX66qMzLcIdyTIP0OA&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0F12
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:50 GMT
getcookie
matchid.adfox.yandex.ru/
88 B
310 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
60a02319effc380c190f1fe251c649cad498678f82213c4a2485dc9fc019612a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
date
Sun, 23 Jul 2023 22:41:54 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
timing-allow-origin
*
content-length
88
content-type
application/json
906c3b67d31bb71b1927.js
yastatic.net/partner-code-bundles/811262/
9 KB
4 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811262/906c3b67d31bb71b1927.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1e2ac6f9a72032fd1d20e9edb74a8e7362119620364823014ac430dcd0f18825
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3557
last-modified
Fri, 21 Jul 2023 12:47:14 GMT
server
nginx/1.17.9
etag
"c1e6b8b79ac59bf5520aaab779170b9f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:48 GMT
e76fe8226b615546d098.js
yastatic.net/partner-code-bundles/811262/
30 KB
9 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811262/e76fe8226b615546d098.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2c30928825264af3ce25cd2cfa08e921439b52efcc30a328e94b4e84064bd6fc
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:50 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8616
last-modified
Fri, 21 Jul 2023 12:47:15 GMT
server
nginx/1.17.9
etag
"b87d61b180274a86374839d6a37215bc"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:14:28 GMT
adjson
ads.betweendigital.com/
0
0

/
ad.mail.ru/hbid_yandex/
0
0

integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 81BD
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 18:33:20 GMT
etag
12368291122986407432
expires
Sun, 06 Aug 2023 18:33:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0D73
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 18:33:20 GMT
etag
12368291122986407432
expires
Sun, 06 Aug 2023 18:33:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0AA1
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 18:33:20 GMT
etag
12368291122986407432
expires
Sun, 06 Aug 2023 18:33:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2
an.yandex.ru/adfox/264109/getBulk/
211 B
411 B
XHR
General
Full URL
https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=4235483678&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A51.163%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488617477&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1015%2C%22top%22%3A107%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaok&p2=gxvo&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMjk1NywicmVzcG9uc2VfdGltZSI6NTA0LCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMzk0NTIxOCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEwMzI3OTUsInJlc3BvbnNlX3RpbWUiOjUwNSwiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjgxNjAxNiJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ecd441a44422e3c539ad09527fd242a032432dcd4ee226952e2b1d547b05fabb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Jul 2023 22:41:53 GMT
x-yandex-req-id
1690152113414057-679961023490111415900241-production-app-host-vla-pcode-151
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 22:41:53 GMT
v2
an.yandex.ru/adfox/264109/getBulk/
211 B
254 B
XHR
General
Full URL
https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=1978093031&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A51.171%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488748549&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1015%2C%22top%22%3A107%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaon&p2=gxvp&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMjk1NywicmVzcG9uc2VfdGltZSI6NTA0LCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMzk0NTIxOSJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEwMzI3OTUsInJlc3BvbnNlX3RpbWUiOjUwNSwiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjgxNjAxOCJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
bd0e1926d63d557f4d3b980aa76ee662825145c450b5b12951a5124a255f1282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Jul 2023 22:41:53 GMT
x-yandex-req-id
1690152113563575-944933343808143400253-production-app-host-vla-pcode-116
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 22:41:53 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 9491
121 KB
43 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6eb6d3fd684b604f10aee97339afa67a92d421e49c11d9041892bc6c5829c54f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
18109607
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 81BD
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F188
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 10:00:00 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 10:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 81BD
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 81BD
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:53 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 593D
139 KB
47 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ca2d72fd740518dea6a019bb57ec196bb9bd32f17c35666875beaa01b9e0b4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
67932260
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0D73
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F31E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 10:00:00 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 10:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0D73
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
l
www.google.com/ads/measurement/ Frame 0D73
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJJh6ast00pe_BHjRjaibq3DQE1eMiRhuLT1Z2z1GABNs0tvsOOBTgAr56STYJNSLFCAMjtV392bfpDEFXkPqZQMnXzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D73
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:53 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame BDEF
170 KB
53 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8187bc16f60a08222ac7465b0a3cbcbb7968d5913f5a24e76b643bf39211441b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:41:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
67582821
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0AA1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D8C0
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 10:00:00 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 10:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0AA1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 17:22:38 GMT
l
www.google.com/ads/measurement/ Frame 0AA1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7gqkgbFEGOVCKXBStOaNFwtaF85RdK68kq3xOgNOWeSbOJ0-fbEDCDR3giyTCVkZopv_1IBuyXzJ_G7PsVKnx0dEfRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0AA1
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jul 2023 22:41:53 GMT
img
imageproxy.us.criteo.net/img/ Frame 0F12
27 KB
28 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=352&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=284&s=HBfvElW0S6jGqeYZrlSX19Qx
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
50e4c20b2a1596f5618dbccb3ad11d4f42f18066d9f89bfe7cb6b6b633a1afcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
28037
expires
Sat, 01 Jun 2024 17:02:46 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9491
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9491
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9491
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 17 Jul 2024 22:41:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9491
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 17 Jul 2024 22:41:53 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 9491
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=OtM6vhPHr5zmT5vujDNQWadiDnkmDRifo8Z8FQGtdlzLzgt3jvGn3pBG6TQogdolKHLucIMLloUoNegdrFEGuPUHBjgyQQvvpYEnGyEpZWzhErd3eYPfARLYefRRnbo6iuadjy3sVlgOE9IKNdbrFkaunGEmV3pgGjly3gLzVTF0OcHAG2MOitxCws1tIC_jkmcAIY33YdGu_p44GmUjJXafWqw57l-j9iYcd66gf87nNbmfIImE6mkBTr96Qb0VOqKEGg5Y3ZDp75CCtf25NQZD93BJSmwEV6M7_Kvdl-kbrW4DHZUIFkZ-wK0OQXHQOPHqsAvKRy4gWN7901WI5pGeoqv8PN9WBx7QMB-AWwgB7iW3snyZ3oe2yt5gvjeRV7XQgpfoQDL9h6HlvZHyKfWRjpQCvD-P4ThFYhl39tro8nnl
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2142900
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9F...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:52 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D8E9CEA4A74D4EC88FDBF33D62F92493 Ref B: EWR311000102037 Ref C: 2023-07-23T22:41:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w
x-li-proto
http/2
content-length
0
x-li-uuid
AAYBLzRVLpIO3tIXr/9pPQ==
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECtep4f_dmBPcTywV19_faQ&google_cver=1&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg
x-host
tde-deliveryengine-production-75c9d7b6d6-9vzgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBbWhk_4CvvAC4GbeUXt5rU&google_cver=1&google_push=AaAOQGGS0Br68XvLyUGHc8RuXUU_7l84IfhkxYRQO8H0qI9fK-0SdwhqhQorx9GrCkbVWr5FFh_AKm2WRwkCpYA9uwk9rhUOP...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARadEqESJPL5GZ6Y5_J5CA&google_cver=1&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLp...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0J...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKD-Y2iQBhUghgqMERA2Dvo&google_cver=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0A...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2U...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5
date
Sun, 23 Jul 2023 22:41:53 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F188
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-G...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M
Date
Sun, 23 Jul 2023 22:41:53 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame F188
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlSy_kfhs0OT7HQ862f534IAiFAJUdcdOOydXUKXpJODpEYAL37NN1nlH3rX8f_psTItO7NoI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 9491
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
truncated
/ Frame 81BD
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee5038150826ee3d0d1698fe83e35680353b6620296108f41722b6c2e9adb5e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.us.criteo.net/img/ Frame 9491
20 KB
20 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=208&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=416&s=7hqYw6-SPcI3ce8C0xja8ssP
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a957363cc35d3bea7ad224679b1ef7ebc099b5036b49ecb37b1cd3f5369c7875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
20112
expires
Sat, 01 Jun 2024 17:02:46 GMT
img
imageproxy.us.criteo.net/img/ Frame 9491
45 KB
45 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4823245%2F55d02136f9374c4f9cc8c5b5423080bb_112.jpg&v=3&s=n_-4LSvjfyqeaUh15MgAHkpu
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0ebe5f6953ec39f33065045f3c3657cbe0850288f1a4421b5fe0a12605cb9cc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
46110
expires
Fri, 28 Jun 2024 20:09:18 GMT
all
csm.us.criteo.net/ Frame 9491
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9491
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9491
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwH...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&go...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU=
Content-Type
text/html
Cache-Control
max-age=44327
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyf...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4545-YYZ
pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1690152113.367554,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKL...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKL...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F31E
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECB0YtackytGkRlkk3YlPdY&google_cver=1&google_push=AaAOQGF5T5STbgU5bM4_EaELZt626zIhluk6XV8dvUKsZTrxPB6ybONBQNxDVdBSkgCwS_urThw4TY9eaJZtqq39FwhkSkjrsoWX7t4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAGG2YdViTPEOvL-aTMRN3Q&google_cver=1&google_push=AaAOQGGQ7lxbfwv7gEkmm9ANnwFqmlCF4Wux0Vp8fXQc4DH6lFcvzTM3Wqpjyp-oFIr0PoRxk9KAnaiXgFoKK3IEtmAGDALJJGLCVz0
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==
date
Sun, 23 Jul 2023 22:41:53 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
asr
aid.send.microad.jp/g/ Frame F31E
43 B
641 B
Image
General
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEFYOTeDGq9yXZvZnfRbA-Ls&google_cver=1&google_push=AaAOQGFBxuwBihfXkdr-pExZkC06C8qsSqCbHeRJc_YTbg7i0YXHQGWiBye7c5eaJMZFuaKguXlL8-snGcb2MsI_YvzgQdnZ8X8TtvI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFu_1kV4HM1-0LHymZ8EPFQ&google_cver=1&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKd...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk
Date
Sun, 23 Jul 2023 22:41:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame F31E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTRzUHCIJF0L_LXQUZnzy8jJRlEHdC5D9CSj51qT_N3Aa_Q822zUbIZ6IQJ5_dMgqjJ9Wv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 593D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 593D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 593D
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 17 Jul 2024 22:41:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 593D
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 17 Jul 2024 22:41:53 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 593D
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 593D
8 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
005b888fe4472e6243d74f7a7ffc92dc1ad096e9c804f77b061a1ea1fc57403a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2023 10:45:50 GMT
Server
UploadServer
ETag
"408da7fec113d9180ca8c3f8cc59bbea"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3389
Expires
Thu, 20 Jul 2023 11:01:12 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 593D
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=OjIld8al2szQIPBKfCmByVFNlJp-hdayw5p18h_nUxuCVhIUKQ5xQRvIjcsTFQs1HtmVHtEpTa51lQtSR26GKpJB01I4qnNMnzY4pWMKVIlMtVirBicE5EWmX2sb7iCR7-ZFQxSG_1k4xT38a8ATLf08XkfCQUTZBAxr8k_NwAu8aO3NrLYeoK3EjoGo25sLWlrIQ2woKQc-YtZnoglM3hsMqNZUpoGJGjo_lMcy0GVlBPJyi39LO3b3-HzqDBr3ToB1lakoeGdqoSe8mNd_m7O1ii22_0YbXZXIkqH1OL1_DhsIbGlcyvjlzsbqrkQAqrMr5bN_t-vSMF2I5sZlNsqvtOYQ--FWkDCUy7GyTI1__WLq2ahmQZPk1_YR87NQV2NXoeKynGkYRw0ApQIQTNFJAUI2OhNFeWPW48CiJrPz5yZx
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2678194
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame 593D
43 B
561 B
Image
General
Full URL
https://d.agkn.com/pixel/8538/?che=64bdacb02222ee95bfc9a6d04938f15b&col=308271,0,0,0,11120203,64bdacb02222ee95bfc9a6d04938f15b
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
BTZ0SyaarFScINWiImAkB3s8VSMXR90biVViYsGkX1sLHY3vx5HUCA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 593D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_ch...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d049...
42 B
246 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Server
142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 593D
35 B
390 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=64bdacb02222ee95bfc9a6d04938f15b&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.152.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-152-182.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Strict-Transport-Security
max-age=604800
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
adview
googleads.g.doubleclick.net/pagead/ Frame 3A3C
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cpmocray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwgJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7c51W0LWr3L8nhv7Rz8eUWxDYAAPE4-7NiVSqsK-0Si36365lfUgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=W4SJ5p6apmo&uach_m=[UACH]&cid=CAQSKQBpAlJWn1WQNpqNVBmyu3cKx-lNBxGaK0Ht218pE1M9FSCWbCyOPj8oGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 3A3C
0
126 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF836RMYFsgHiIp0XAgAAAIHwBbb3yQw3EK2svWTO0gNriY0ZhP8_AAASAAAKCkFRVURDZ0VQQ2c&wp=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
161493
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame BDEF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame BDEF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BDEF
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 17 Jul 2024 22:41:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BDEF
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 17 Jul 2024 22:41:53 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame BDEF
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame BDEF
8 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
005b888fe4472e6243d74f7a7ffc92dc1ad096e9c804f77b061a1ea1fc57403a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2023 10:45:50 GMT
Server
UploadServer
ETag
"408da7fec113d9180ca8c3f8cc59bbea"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3389
Expires
Thu, 20 Jul 2023 11:01:12 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame BDEF
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Eouxx8al2szQIPBKfCmByVFNlJoF8lxG0MJncS3g0K37bgJJLx-AdhYVsWxZTw8Pkh_B-JpWqDdXl4VBSrrpMw8Dfg06d8fEO7dSISyB_QMm8Bedd08Cw5hMVU2Z8ySSpif_BQG2gv_a-Ln8zapk8R-P7tE_ZSIhRW5IBR_u3xB7kucYITFZBfAdOORdC5KfTc2ZtBQT-Z_2-QEg2FgoQEGjNHnu6i9B9MtvCLeXLvx-Wv_0qibbN8Ds4XSMJNeJdmmZgriASZbHihM_m480pFDnFbCsAchdAmzZs3wp_GDGtSijTe2SS-7RJLyiRebPydL6cQeXoopBx89oreM0CKzxzvZ_i3A15F-qhevmPv4HkJwOoCvQvLwCm-5DBgL5QDPne0fBX4rS-sm8kwMuMyWRU2XCvNxHE9C99nH-M6yezmZAXLjahkeYFK2RRgiA5F-4-w
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2733674
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame BDEF
43 B
562 B
Image
General
Full URL
https://d.agkn.com/pixel/8538/?che=64bdacb0b57359311642e59c2f8c83af&col=308271,0,0,0,11120203,64bdacb0b57359311642e59c2f8c83af
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
HejCT-_XwtcABjMhDxggF6WpjzJ_wKSTq4b4qBsS1BgzmuTn4glmGA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame BDEF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_ch...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f...
42 B
235 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Server
142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame BDEF
35 B
390 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=64bdacb0b57359311642e59c2f8c83af&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.152.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-152-182.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Strict-Transport-Security
max-age=604800
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame D8C0
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&go...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ
Content-Type
text/html
Cache-Control
max-age=29616
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame D8C0
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Jul 2023 22:41:53 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 306B8BBC28CC4CCDBC8961DF9AA1832F Ref B: EWR311000102037 Ref C: 2023-07-23T22:41:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4
x-li-proto
http/2
content-length
0
x-li-uuid
AAYBLzRY1V5kUzgB90uTjA==
pixel
cm.g.doubleclick.net/ Frame D8C0
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
asr
aid.send.microad.jp/g/ Frame D8C0
43 B
641 B
Image
General
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEFYOTeDGq9yXZvZnfRbA-Ls&google_cver=1&google_push=AaAOQGE35QDJ6gubNNxI1o1owcZjI5KahAF1Rls7Ej-3azD9XHkjMMWrh8MxdnNRhwG6MY1GWTgirS6IbJ6gKSz6e3mWpquDRqz4sA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame D8C0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDC...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D8C0
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yj...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf
Date
Sun, 23 Jul 2023 22:41:53 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
spacer.gif
an.yandex.ru/resource/ Frame D8C0
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAZ4L9UawxFOju4NZcxYa84?ext-param=AaAOQGEe-utf3PiT-_dtWYjR-UwDKpLKWdatlB2CNICfNwM7FXqj6npXEoMbTeNZm3_dzO1STnLjKEIN_2_uw-7mU2hXOlUXWe8Zj_aq&partner-tag=yandex_...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAZ4L9UawxFOju4NZcxYa84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 07 Jul 2024 22:41:53 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D8C0
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSJNAW1iiRd_JPfrqiEhqtAZfDu9Io8OwzGR7ygc-_darBWiW4m7-j5RRnauMFehYtSh77PhM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
e2c08cd2728154352bf5.js
yastatic.net/partner-code-bundles/811264/
9 KB
4 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/811264/e2c08cd2728154352bf5.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0d460489737c3312aa807a8d4b33a94be0cb741636f03c4f412ee51cdbb36710
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Origin
https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3556
last-modified
Fri, 21 Jul 2023 12:54:35 GMT
server
nginx/1.17.9
etag
"2dc0dfc284af1b6b8160d07387c705aa"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 23 Jul 2053 05:13:48 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 81BD
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-UzQray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvQJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209eJX_9W5HoVPzVdF2Qk0NXRpYGJwA3RQeMPeBX7r0Xa8j_4lut4AGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=JOyb6traGYE&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Jul 2023 22:41:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 81BD
0
125 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF836RO0HfOIinRcCAAAA7heiWihsFucQray9ZFMleoOoPjB1bb4AABIAAAoKQVFVQkNnRUJDZw&wp=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
238109
server
Kestrel
content-length
0
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame 593D
57 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 06:00:11 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame BDEF
57 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 06:00:11 GMT
verify.js
rtb0.doubleverify.com/ Frame 593D
8 KB
4 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_293066219937&jsTagObjCallback=__tagObject_callback_293066219937&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=293066219937&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=7.90&callbackName=__verify_callback_293066219937
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e69153479efcb5c4e0e558ea23d131762e0782384204a98f6c2dcb2bd085606b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/22/2023 22:41:53
verify.js
rtb0.doubleverify.com/ Frame BDEF
8 KB
4 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_649613569838&jsTagObjCallback=__tagObject_callback_649613569838&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=649613569838&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=3.60&callbackName=__verify_callback_649613569838
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
10bafb96087874e079e842e18c8e6d53a31e08254386f6c9f69cc2b9946e075f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:53 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/22/2023 22:41:53
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame BDEF
0
234 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=da0488bd3a5544f7949a05999869c5c8&vfdur=209&cbust=1690152113988839
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:54
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame BDEF
0
234 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=da0488bd3a5544f7949a05999869c5c8&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1690152113997844
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:54
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 593D
0
234 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=bb36a87f70b94d7baba3b0619bf803fe&vfdur=213&cbust=1690152114000796
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:54
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 593D
0
234 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=bb36a87f70b94d7baba3b0619bf803fe&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1690152114005538
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:54
dv-measurements4309.js
cdn.doubleverify.com/ Frame FD3E
408 KB
96 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4309.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
25d1cde624df137918b7861bc972b4358f954b5b4eb8674e6b2f946cc8e05085

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2023 07:20:43 GMT
Server
UploadServer
ETag
"b189cf48f6797685f85ca25711b373f6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97578
Expires
Fri, 19 Jul 2024 07:21:52 GMT
dv-measurements4309.js
cdn.doubleverify.com/ Frame DE2D
408 KB
96 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4309.js
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
25d1cde624df137918b7861bc972b4358f954b5b4eb8674e6b2f946cc8e05085

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 22:41:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2023 07:20:43 GMT
Server
UploadServer
ETag
"b189cf48f6797685f85ca25711b373f6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97578
Expires
Fri, 19 Jul 2024 07:21:52 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BDEF
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1404656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzCwYcM%2B8GbfUNfv0E9%2Fp0KovNB6cjsIoAisWDsJ5XLPzn%2F%2BpJVWbPS1w6RSJkZ%2B0Wb5542gq5lRHfgOS7lWs6INPC0vuXNpk%2BoVeS3HfNzKIvWOF38tJSCgRtQDlpEx0xm0iwRm9UMviRn8N0TolveJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7eb76ef9beb04bbd-BUF
expires
Fri, 12 Jul 2024 22:41:54 GMT
animejs.js
static.criteo.net/animejs/ Frame BDEF
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 593D
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1404656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU1VgP5v8dRfjPHscKD%2Fd%2FMx%2BPlJ8zpkM6uv3qQpTasIQTIuGjET7F1sA0mq%2Fg0q8ya0Jv1Rcy%2FzFMYoz%2BVqN8pqRnc9lrzNf7sV1oZGI524eIOBteFh971MHSi1h9Abzso2CuHJQqriINPZ%2FRDLB83K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7eb76ef9beb14bbd-BUF
expires
Fri, 12 Jul 2024 22:41:54 GMT
animejs.js
static.criteo.net/animejs/ Frame 593D
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
all
csm.us.criteo.net/ Frame BDEF
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BDEF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BDEF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
visit.js
tps.doubleverify.com/ Frame FD3E
8 KB
4 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=189&ttfrms=31&brid=3&brver=115.0.5790.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=287&ddur=243&uid=1690152114232925&jsCallback=dvCallback_1690152114232307&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4309&tgjsver=4309&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A%26u%3D%257CSjDzQLoKHiu%252FHvtcMH2GIp%252BUpmMJy17Qx3YskfURbe4%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&sdf=2&dvp_epl=338&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=31086952815.440697&dvp_tukv=811411757143.6578&dvp_strhd=0.6999969482421875&dvpx_strhd=0.6999969482421875&dvp_tuid=1101485266467&jurtd=756585710
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4309.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
a83dc47ccbe8f2760dff8f6c479a1f2e96aae96a95b1b4bf84420b7667f7fc51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/22/2023 22:41:54
all
csm.us.criteo.net/ Frame 593D
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 593D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 593D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
visit.js
tps.doubleverify.com/ Frame DE2D
8 KB
4 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=381&ttfrms=7&brid=3&brver=115.0.5790.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=230&ddur=324&uid=1690152114450813&jsCallback=dvCallback_1690152114450680&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4309&tgjsver=4309&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA%26u%3D%257CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&sdf=2&dvp_epl=338&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=175886643736.8782&dvp_tukv=787431891631.3666&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=365363788004&jurtd=480677147
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4309.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
18e922d5e65c37773c39bf8fe2b7241a0ee8cb9ae2c1b891cbb7363940912c9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:54 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/22/2023 22:41:54
activeview
pagead2.googlesyndication.com/pcs/ Frame 81BD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNYvksJmiXZoSPEVaeBOYD69NoWE8ZOYrSe6TPu9dA0oRiz8R7LPYS9JszseDVr_ZYsOO6L-O1U9WKwy838YL_-tI&sig=Cg0ArKJSzIzqXFz3DuNvEAE&id=lidar2&mcvt=1028&p=0,0,124,1005&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110758&rpt=2581&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame BDEF
2 KB
842 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame BDEF
2 KB
841 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 593D
2 KB
842 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 593D
2 KB
841 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
all
csm.us.criteo.net/ Frame 9491
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
truncated
/ Frame 0D73
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbe351679bb1214f0a905b6917307f4b904c878fcfb3f616a45b6ea4f780e542

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0AA1
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
148306c7440d0c88235d2a36e06d26e108706c73c5180ffc5c27767c0ecff9bc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 593D
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 593D
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BDEF
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0D73
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CG4Owray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvAJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLiDICKQBsyHlEc7Zo-z5H8P0nD9SretioAvcRh1xkAQSCMINft2gAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=pqv7KEeC02w&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Jul 2023 22:41:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 0D73
0
125 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEK2svWTahHa29dnqLmiYAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&cbvp=2
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
201040
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0AA1
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5hKMray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvAJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6na-frKmLYBORGmE4Fgb4-FopTwk9KVhab78nAB1Eu7amp5vTREwgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=b8TXrZz6CHo&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Jul 2023 22:41:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 0AA1
0
125 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEK2svWSM1eo18x8vB_jrAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&cbvp=2
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148260
server
Kestrel
content-length
0
img
imageproxy.us.criteo.net/img/ Frame 593D
14 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
13926
expires
Fri, 14 Jun 2024 10:31:40 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6906
expires
Thu, 17 Aug 2023 12:40:31 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
10 KB
10 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F21482528_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qhvrsrHnuFGlQe38RRMRlAsa&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bd044d5d04e34d2efb6be2be6e845985b11ce3303367bf3d79ed975e32272aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10288
expires
Sun, 20 Aug 2023 22:16:53 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
11224
expires
Tue, 22 Aug 2023 22:05:46 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
4 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4226
expires
Sun, 30 Jul 2023 21:30:43 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BDEF
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 22:41:54 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
14 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
13926
expires
Fri, 14 Jun 2024 10:31:40 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
11224
expires
Tue, 22 Aug 2023 22:05:46 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6906
expires
Thu, 17 Aug 2023 12:40:31 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
4 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4226
expires
Sun, 30 Jul 2023 21:30:43 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F23841487_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=OTgLzT0Jl-blShNP6aFjnxbG&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9438ca134237017af2c8f2d0dbec0b4356f91a132012e4e84b90af46c06e40eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7238
expires
Fri, 28 Jul 2023 15:55:38 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
10 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F23262174_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ZCM4sOz0yGThQL1BiNao-4SM&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3febb8c27ef11a929cb1c9b415b7f2925b51df7928586ec43d7a159aab79d1ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10624
expires
Mon, 21 Aug 2023 15:32:26 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21482503_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=AXcMBr8P4-6ou7P3yVa-9Q4D&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
77b6ad8c0fbf8c433d3c9e5cb823a80090aabd47e193a7e4418bc451c7609625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7154
expires
Mon, 21 Aug 2023 22:08:13 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F21260604_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=90ZPFloAdevTwEgc0Ym9i1M2&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7adec4c1dd4500fa546f0f471ee5fcbfb7f49482960c869b71bf37ec73ba2af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10904
expires
Sat, 05 Aug 2023 14:56:32 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F16312711_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=FUtOhn31Lu6WLgf6vHWsu7a3&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
71ad818ca37820c1f65289f53d9f1828a3a642c6c5978eb369ee060e9f96dd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6704
expires
Sun, 06 Aug 2023 17:35:53 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
13 KB
13 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24264088_fpx.tif&v=3&w=400&s=3KOeklVjo-Wtfnbbm7nv5Jth&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3badbe5c7308e83a5f747369448a8efeed8ffd56060aabf6ab2abbd0eeb31874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13142
expires
Sat, 05 Aug 2023 01:05:28 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6906
expires
Thu, 17 Aug 2023 12:40:31 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
11224
expires
Tue, 22 Aug 2023 22:05:46 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
10 KB
10 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F21482528_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qhvrsrHnuFGlQe38RRMRlAsa&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bd044d5d04e34d2efb6be2be6e845985b11ce3303367bf3d79ed975e32272aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10288
expires
Sun, 20 Aug 2023 22:16:53 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
14 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
13926
expires
Fri, 14 Jun 2024 10:31:40 GMT
img
imageproxy.us.criteo.net/img/ Frame 593D
4 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4226
expires
Sun, 30 Jul 2023 21:30:43 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
14 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
13926
expires
Fri, 14 Jun 2024 10:31:40 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6906
expires
Thu, 17 Aug 2023 12:40:31 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
4 KB
4 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
4226
expires
Sun, 30 Jul 2023 21:30:43 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
11224
expires
Tue, 22 Aug 2023 22:05:46 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F23841487_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=OTgLzT0Jl-blShNP6aFjnxbG&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9438ca134237017af2c8f2d0dbec0b4356f91a132012e4e84b90af46c06e40eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7238
expires
Fri, 28 Jul 2023 15:55:38 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21482503_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=AXcMBr8P4-6ou7P3yVa-9Q4D&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
77b6ad8c0fbf8c433d3c9e5cb823a80090aabd47e193a7e4418bc451c7609625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
7154
expires
Mon, 21 Aug 2023 22:08:13 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
10 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F23262174_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ZCM4sOz0yGThQL1BiNao-4SM&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3febb8c27ef11a929cb1c9b415b7f2925b51df7928586ec43d7a159aab79d1ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10624
expires
Mon, 21 Aug 2023 15:32:26 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
11 KB
11 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F21260604_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=90ZPFloAdevTwEgc0Ym9i1M2&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7adec4c1dd4500fa546f0f471ee5fcbfb7f49482960c869b71bf37ec73ba2af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10904
expires
Sat, 05 Aug 2023 14:56:32 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
7 KB
7 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F16312711_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=FUtOhn31Lu6WLgf6vHWsu7a3&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
71ad818ca37820c1f65289f53d9f1828a3a642c6c5978eb369ee060e9f96dd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
6704
expires
Sun, 06 Aug 2023 17:35:53 GMT
img
imageproxy.us.criteo.net/img/ Frame BDEF
13 KB
13 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24264088_fpx.tif&v=3&w=400&s=3KOeklVjo-Wtfnbbm7nv5Jth&b=400
Requested by
Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3badbe5c7308e83a5f747369448a8efeed8ffd56060aabf6ab2abbd0eeb31874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:41:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13142
expires
Sat, 05 Aug 2023 01:05:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0AA1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssa_wn1ltmUnj-jL0xYRQJfB682ixUXMEwafIsrXrANUld5LHF8aX-8UB9ZtNcQUhdDAo9mZ2vLm6s0LPHv7TwMnGU&sig=Cg0ArKJSzIJjo269ajqZEAE&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110788&rpt=2762&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D73
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5LAuBgA9uhkdMeCdkQ8oLdebhTKg8kowHgoOvWO4h8q994K9Q8NoqLT4_L17UOx_2DxDIGQ--qJ_yEavBdp3Vr1Q&sig=Cg0ArKJSzB4IjnWSAWU5EAE&id=lidar2&mcvt=1005&p=0,0,600,200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110781&rpt=2628&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:41:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 593D
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.us.criteo.net/ Frame BDEF
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
event.png
tpsc-ue1.doubleverify.com/ Frame FD3E
0
234 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=6cba8030bba246789e4aa1d9b76c8d78&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&vdur=192&eoid=16&te_exec=0&msrjs=4309&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&tagsrv=1&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=243&tetms=22&msltms=61&vltms=192&sei=289&vetms=210&tuviims=221&tuviems=624&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=262408&msrcannum=3&ee_dp_tmads=2536&ismms=1051&isumms=1050&nvr=6&elmtp=3&isbxdms=2455&b0=100&b11=1428&adhgt=600&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=1528&sftb=1528&msrdp=2&naral=262144&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2050&isuiabvms=2050&ispmxpms=2050&engalms=1049&dvp_dpr=1&vstsz=4440&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3431&cbust=1690152117636247
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4309.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:57 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:57
event.png
tpsc-ue1.doubleverify.com/ Frame DE2D
0
234 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=4ee2f4277b0440d79b61e85af618dd75&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_adlst=2&vdur=61&eoid=16&te_exec=0&msrjs=4309&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&tagsrv=1&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=324&tetms=23&msltms=64&vltms=61&sei=289&vetms=140&tuviims=388&tuviems=589&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ee_dp_tmads=2319&ismms=1027&isumms=1026&nvr=6&elmtp=3&isbxdms=2230&b0=100&b11=1210&adhgt=600&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=1310&sftb=1310&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2032&isuiabvms=2032&ispmxpms=2032&engalms=1025&dvp_dpr=1&vstsz=4440&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3206&cbust=1690152117650926
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4309.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 23 Jul 2023 22:41:57 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/22/2023 22:41:57
all
csm.us.criteo.net/ Frame 9491
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:41:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.us.criteo.net/ Frame 593D
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:42:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/watch.js
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/adjson?t=adfox
Domain
ad.mail.ru
URL
https://ad.mail.ru/hbid_yandex/

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| c_cache function| RunAjaxJS function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| doFavoritesMobile function| CheckLogin function| doCalendar function| doRate function| doAddComments function| CommentsPage function| dle_copy_quote function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu undefined| uppod_players function| Uppod function| Tween function| ReColor function| HTR function| HTG function| HTB function| cutHex function| ShowHide function| Show function| Hide function| ToggleView function| is_array function| getRandomInt string| uppodstyle function| onYouTubeIframeAPIReady string| uppodvideo object| swfobject object| sof function| $ function| jQuery object| adfoxBiddersMap object| adUnits number| userTimeout object| YaHeaderBiddingSettings function| cnc object| pcode_811264_default_EL6em8hcDT object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| interstitialSlot object| googletag object| adsbygoogle function| hideAdUnit function| showAdUnit function| toggleAdUnit function| onScroll object| Cd string| Cr string| Cp object| yandex_metrika_callbacks object| WebFont function| htmlEncode function| htmlDecode object| dzsap_list boolean| dzsap_ytapiloaded number| dzsap_globalidind object| dzsap_list_for_sync_players boolean| dzsap_list_for_sync_sw_built number| dzsap_list_for_sync_inter_build function| is_mobile function| is_ios function| is_android function| is_android_good function| is_ie function| is_firefox function| is_opera function| is_chrome function| is_safari function| version_ie function| version_firefox function| version_opera function| is_ie8 function| is_ie9 function| can_play_mp3 function| can_canvas function| MD5 function| formatTime function| clean_string function| get_query_arg function| add_query_arg function| can_history_api object| dzsap_player_interrupted_by_dzsvg object| dzsap_audio_ctx object| dzsap_self_options boolean| dzsap_generating_pcm number| dzsap_player_index function| dzsap_list_for_sync_build function| dzsap_init function| dzsag_init function| requestAnimFrame function| dzs_open_social_link string| GoogleAnalyticsObject function| ga object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| yandex_context_perf_logging object| jQuery110208859209544582116 number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter object| $sf object| yaSafeFrameAsyncCallbacks object| gaplugins object| gaGlobal object| gaData function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| dataLayer object| google_tag_manager object| google_llp object| pcode_811262_default_ULBpSihUm7

52 Cookies

Domain/Path Name / Value
.bookmp3.ru/ Name: __ddg1_
Value: lJYepGlQSdnlFp82KsjW
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Name: _csrf-frontend
Value: 19d96b63ba68c3cb5c56c1a76fa582a71a0a1aa1e443c2c515f1945d2564bcfba%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22%E6%29J%5Bc%C3Q%8D6%12%0E%8Bw%FA%C2%84%F3L%ABY%D9q%BE%C0%C6%8F%23%E2%EA4oC%22%3B%7D
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Name: b
Value: b
.bookmp3.ru/ Name: _ga
Value: GA1.2.1167766464.1690152109
.bookmp3.ru/ Name: _gid
Value: GA1.2.1500015306.1690152109
.bookmp3.ru/ Name: _gat
Value: 1
.yandex.ru/ Name: i
Value: 2lfXXzd8vR8WHWLnl/St2mv77R9dhVkJe6LReBeHI3/0u+LzjeXIKewBm0bO4KAmlDe+IVFGgN8Su6dq/h8kwF1m6rM=
.bookmp3.ru/ Name: __gads
Value: ID=bf995776953dbbed-2247deb3ede2005d:T=1690152109:RT=1690152109:S=ALNI_Mamkask7iOKR-mp1tCLxNlhn1Idkw
.bookmp3.ru/ Name: __gpi
Value: UID=00000d0f0dddcc97:T=1690152109:RT=1690152109:S=ALNI_Mb9X7nEFTSuoFkMPxDOCa3y3-7kow
.yadro.ru/ Name: FTID
Value: 1alQoj185Q8b1alQoj001PHI
.hit.ua/ Name: uid
Value: 3247185425.1690152109.3489003347
.yadro.ru/ Name: VID
Value: 1p00J62K6wub1alQok001PIN
.quantserve.com/ Name: d
Value: EHUBCQHEKYEA
.quantserve.com/ Name: mc
Value: 64bdacae-2c6c3-bd25d-2b733
.mxptint.net/ Name: mxpim
Value: R33646_106490427_B9A6372E.1.64BDACAE
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZL2srgADF-0k2QBY
.bookmp3.ru/ Name: _ga_XR25G8TDFM
Value: GS1.2.1690152110.1.0.1690152110.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUl0bmvEP_B-NUn74S0_DjyXdctJ-P77AH59wp1nZGkK-v2A8KmLOJfP3DqSz5M
.acuityplatform.com/ Name: auid
Value: 803754168391
.mfadsrvr.com/ Name: tuuid
Value: 98427f43-143a-4103-9198-3bd0b1abc148
.mfadsrvr.com/ Name: c
Value: 1690152110
.mfadsrvr.com/ Name: tuuid_lu
Value: 1690152110
.tribalfusion.com/ Name: ANON_ID
Value: a6ntuJMZaAC7pqGpS6LsbX7E8mv1VjJx3wqlMjLyHU41cJVYgs7PqtCesMrwcqpXx1UDGSvDOR4PqvHKFrU5RZcE61
.yandex.ru/ Name: yandexuid
Value: 4992419721690152110
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRGEdKSKmmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURhHSkipo90aGlyZFBhcnR5VXNlcklkWkNBRVNFQmJXaGtfNEN2dkFDNEdiZVVYdDVyVfv7hnZlcnNpb27C+w=="
.mfadsrvr.com/ Name: ssh
Value: !google,1690152113
.yahoo.com/ Name: A3
Value: d=AQABBLGsvWQCEJGEmOXcp4r9XW_zyZywpwkFEgEBAQH-vmTHZAAAAAAA_eMAAA&S=AQAAAgfh3QDdCEbIlT5umud9KHU
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 1df77a87-a6cb-4f2f-9ccb-6bbadaee2819
.linkedin.com/ Name: bcookie
Value: "v=2&048920e0-6edf-4849-8a38-0da620f5a921"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3001:u=1:x=1:i=1690152113:t=1690238513:v=2:sig=AQGMKSmC0t5dsstFY3aZh0c08ifThHxT"
.inmobi.com/ Name: idsp_c
Value: f787b381-a0d7-4ba1-a742-573c54a05fb6
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B946F33D-4620-45DF-ABBE-35F52C404784%22%7D
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A2662175685181484796
.owneriq.net/ Name: si
Value: Q7434385131225945765P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.blismedia.com/ Name: b
Value: 64BDACB1C2F4F0614C957350BLIS
.adsrvr.org/ Name: TDID
Value: ece93706-ec7a-44c3-9a3f-3f53f1835265
fksnk.com/ Name: AWSALBCORS
Value: dA8KMmQ/0uwydpgwNqf2wU7LbJy21gx3rUfyMth3CynVwmMYYyrpe7J9OjUU1dHyGL8PkKLWSDWYCPtqLpYBd7O2t9jXuaFd3d5H/uR2tujLeewdB5yUpBWtoOqF
.fksnk.com/ Name: f_001
Value: 62F77025F289E451
.fksnk.com/ Name: g_001
Value: 1
beacon.lynx.cognitivlabs.com/ Name: ss
Value: GlOS%2FllGx791XogsYgXFLgknXd8kxuJGapmZnQnAmlqr0vKdDO2dRjXZ5i%2BGKnpj48Buk%2FhUbsAmRPtWZ9EMHg%3D%3D
.yandex.ru/ Name: yuidss
Value: 4992419721690152110
.adform.net/ Name: C
Value: 1
.samplicio.us/ Name: _ftv
Value: 9f67bd9a-4014-47da-bdea-3632b215af31
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI1NbNuIH2hTwQBRgFIAEoAjILCOCOr-OX9oU8EAU4AQ..
.agkn.com/ Name: u
Value: C|0AAAsUGkxLFBpMQAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AjJUz6A%2FcjmyEQQXdg0evcQBCrbetcvFv
.adform.net/ Name: uid
Value: 6847705467579455043
.doubleclick.net/ Name: APC
Value: Aa3gxNq_dUg2cZpnPAM6BtEQhZKc_-ITk_0IXxFsuNY-7bYhgFR77w
.send.microad.jp/ Name: TR
Value: 7d822be2d6263b093dc99c4a9602706eefd69b55b331035c

13 Console Messages

Source Level URL
Text
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/0/audiobook-iskopaemoe.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/3/audiobook-ballada-o-bete-2-1.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/1/audiobook-paromshhik.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/5/audiobook-kryzhovnik-4.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/4/audiobook-morskie-piraty-1.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/2/audiobook-rasskazy-192.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/8/audiobook-chelovek-v-vozdukhe-2.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/4/audiobook-poslednjaja-dver.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/6/audiobook-dvojjnjashki.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/9/audiobook-lermontov-odin-mezh-nebom-i-zemlejj.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/7/audiobook-chelovek-na-zemle.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/5/audiobook-zelenoglazaja.jpg
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com
ad.doubleclick.net
ad.mail.ru
ads.betweendigital.com
ads.travelaudience.com
ads.us.criteo.com
adservice.google.com
aep.mxptint.net
aid.send.microad.jp
an.yandex.ru
beacon.lynx.cognitivlabs.com
c.hit.ua
c1.adform.net
cat.va.us.criteo.com
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
csm.us.criteo.net
d.agkn.com
dis.criteo.com
dsp.adkernel.com
fksnk.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
match.adsrvr.org
matchid.adfox.yandex.ru
mc.yandex.ru
mweb.ck.inmobi.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
rtb.mfadsrvr.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.tribalfusion.com
securepubads.g.doubleclick.net
static.criteo.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tr.blismedia.com
tracker.samplicio.us
ums.acuityplatform.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru
xp4stm90bvzr.frontroute.org
yandex.ru
yastatic.net
ad.mail.ru
ads.betweendigital.com
mc.yandex.ru
104.66.251.81
142.250.176.194
142.251.40.134
15.197.193.217
151.101.2.49
174.137.133.49
18.214.189.251
185.167.164.39
20.85.134.6
202.233.84.1
2600:141b:9000::1725:7bd1
2600:1f18:4e9:5a02:4cf:f74a:5da0:3484
2600:9000:21da:1400:19:fc2c:a140:93a1
2606:4700:3038::6815:e9e0
2606:4700::6811:190e
2606:4700::6812:18ad
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::90
2a02:6b8:a::a
34.117.228.201
34.193.152.182
34.96.105.8
35.190.0.66
35.207.24.140
38.98.69.175
45.147.197.153
52.1.202.173
69.90.254.78
74.119.119.147
74.119.119.150
88.212.201.198
89.184.81.35
005b888fe4472e6243d74f7a7ffc92dc1ad096e9c804f77b061a1ea1fc57403a
01bbd04b53f2ec0af5db711376da442d3e2429f314d69d5322c41aef639ab4f2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d460489737c3312aa807a8d4b33a94be0cb741636f03c4f412ee51cdbb36710
0ebe5f6953ec39f33065045f3c3657cbe0850288f1a4421b5fe0a12605cb9cc0
10bafb96087874e079e842e18c8e6d53a31e08254386f6c9f69cc2b9946e075f
1108265cb00e11491bfbec9fca7a6e0a4b1009230a6f234c2aa8a0939b94d8e5
12d8aae0cf51d039bfbef1c8f7ec828851423f05c8f9e5d290b2c2e15cd9a8a6
14183a716359538cd1a83370852fde94873368c0a9f25ab7c3d49998a9a4e45e
148306c7440d0c88235d2a36e06d26e108706c73c5180ffc5c27767c0ecff9bc
14facf711b8ccec81c7aac3fbaffb254f4a151188821e380ba881fae86f15a87
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e922d5e65c37773c39bf8fe2b7241a0ee8cb9ae2c1b891cbb7363940912c9a
1e2ac6f9a72032fd1d20e9edb74a8e7362119620364823014ac430dcd0f18825
1f0f1071ab7fcf6a87e947376a3d52b3cdbffe66c5a0acfc72a6e17fbd4a4eab
200e85dab4757803a718dcf0212602887d28fe0dfb611053c9f405be297a2305
25d1cde624df137918b7861bc972b4358f954b5b4eb8674e6b2f946cc8e05085
26a07b147c245d38b2dc84b78a2fbd46f303e703099e871ba8ae9a84ba6cb865
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c30928825264af3ce25cd2cfa08e921439b52efcc30a328e94b4e84064bd6fc
2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4
305c4903bc22a439c99750026f138ca1ed69dbde08deb64a57b39675b1f943c9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
360d4bb90ef57dc44ffeb05fe364a73b2728671c2fe122685f6f558a83e39d3a
362eca2bf586d629b5654ef69c17502743d189c7c843a88e88e8aaf86cee9dd6
38e28838e82e723c0937fd7a7a445231d26da9a3471f935b70a1590ebf334b4b
3badbe5c7308e83a5f747369448a8efeed8ffd56060aabf6ab2abbd0eeb31874
3be3f024c46ff93eb55bb00f599911ef69c7957b19c8c3df9aca743259f35ae3
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3febb8c27ef11a929cb1c9b415b7f2925b51df7928586ec43d7a159aab79d1ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a37cabd33f930dd28119e3ba60cca269770f1b2a774a52bad0a75d8076cd8a
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e4c20b2a1596f5618dbccb3ad11d4f42f18066d9f89bfe7cb6b6b633a1afcb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5778015c5eae392238e71afe2e2f9671279706b000e79702f3e7ccf061825a84
60a02319effc380c190f1fe251c649cad498678f82213c4a2485dc9fc019612a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea
6eb6d3fd684b604f10aee97339afa67a92d421e49c11d9041892bc6c5829c54f
705ac0c572d53dd9bc0678c171794e9463e8100858f936681dec07c838881993
71ad818ca37820c1f65289f53d9f1828a3a642c6c5978eb369ee060e9f96dd37
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7601820eaeeeb9533f50dec8af4fb8925130830b6aade82a713ce07435502925
77b6ad8c0fbf8c433d3c9e5cb823a80090aabd47e193a7e4418bc451c7609625
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7adec4c1dd4500fa546f0f471ee5fcbfb7f49482960c869b71bf37ec73ba2af4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8187bc16f60a08222ac7465b0a3cbcbb7968d5913f5a24e76b643bf39211441b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9438ca134237017af2c8f2d0dbec0b4356f91a132012e4e84b90af46c06e40eb
973e69880577fa077648ed919cbaa1bf4a9bf6f79c2c316f81f8ada445d2ccef
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61735542ef93f832ab8321f9670a83ff11f58b5e122b2fb014199e32de05312
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83dc47ccbe8f2760dff8f6c479a1f2e96aae96a95b1b4bf84420b7667f7fc51
a94755ecd90a113ceb5ffbb9a9834639bbf215711895074c4181eb309929ca25
a957363cc35d3bea7ad224679b1ef7ebc099b5036b49ecb37b1cd3f5369c7875
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38bb9174e4b7d8a2dcf5eb8cc14bf1a817b1cf9b4fe89be4cdca41d81a9fe4a
b9db30db84c353b393ebed43c0803e40d62453ec010584b9449a28f0348cd01b
ba59d70cd5715a82ce131dd651b62a84831867180a256af80e37ab7be800f7c8
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb9b602388460394170e0c1a372d28a241c1eb711ed6c20c3fa2caa6140d8eed
bbe351679bb1214f0a905b6917307f4b904c878fcfb3f616a45b6ea4f780e542
bc4540a14193a6537e0c03127bbf19848e6226bd437f2550d18f1f385c55eccb
bd044d5d04e34d2efb6be2be6e845985b11ce3303367bf3d79ed975e32272aae
bd0e1926d63d557f4d3b980aa76ee662825145c450b5b12951a5124a255f1282
c0452617e9015b85a178244fb2a35ace28b1db77bd4a2a58dbe25acc66e01522
c2498e5a286c71ac73c23682741374ca2a7d5d144722dfd7612d027f1b8abb51
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
ca2d72fd740518dea6a019bb57ec196bb9bd32f17c35666875beaa01b9e0b4fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db0d17ee9c24794dc313d2588c0c19bccccb2f7439a0dcb6be8cc985df84baf3
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf
dc25fc67607a742cbb41927e3bfae89fc997eec43403def4504eff6196be9247
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e39a0733fc0ca48ac56314b49afc2cceb7d10b0c1102974a588bc6a307d3f134
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5de6df9647a24fced4405f1069a8088d9518a96d1cf6c1396c959987c0a6568
e69153479efcb5c4e0e558ea23d131762e0782384204a98f6c2dcb2bd085606b
ecd441a44422e3c539ad09527fd242a032432dcd4ee226952e2b1d547b05fabb
ee5038150826ee3d0d1698fe83e35680353b6620296108f41722b6c2e9adb5e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f919c02713441d1502a5297ec6201783ecf8070a47d5df866a78ca2fb83bc865
feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d