www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru Open in urlscan Pro
45.147.197.153  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
• https://yandex.ru/ads/system/header-bidding.js

Request Chain 5

• https://yastatic.net/pcode/adfox/loader.js HTTP 302
• https://yandex.ru/ads/system/context.js

Request Chain 34

• https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374 HTTP 302
• https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374

Request Chain 59

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 60

• https://aep.mxptint.net/sn.ashx?google_gid=CAESEEneW3wRnQ48ngkCq3S-uHM&google_cver=1&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D

Request Chain 61

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_cver=1&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg

Request Chain 62

• https://ums.acuityplatform.com/tum?umid=4&uid=CAESENw7_fRklOb0-qngjYUi0hI&google_cver=1&google_push=AaAOQGE4mTmxJ9nExJKQpoNcHRuntl7kLznkWZuBQseWZiE1lBnxyhub6XpkjhTORhP4v3eQGhuOBsENeTd_7gIkgnBPCiaWLVkZ9A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391

Request Chain 64

• https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ

Request Chain 113

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w

Request Chain 114

• https://ads.travelaudience.com/google_pixel?google_gid=CAESECtep4f_dmBPcTywV19_faQ&google_cver=1&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg

Request Chain 115

• https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ

Request Chain 116

• https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBbWhk_4CvvAC4GbeUXt5rU&google_cver=1&google_push=AaAOQGGS0Br68XvLyUGHc8RuXUU_7l84IfhkxYRQO8H0qI9fK-0SdwhqhQorx9GrCkbVWr5FFh_AKm2WRwkCpYA9uwk9rhUOPau4pg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391

Request Chain 117

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARadEqESJPL5GZ6Y5_J5CA&google_cver=1&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B

Request Chain 118

• https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKD-Y2iQBhUghgqMERA2Dvo&google_cver=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5

Request Chain 119

• https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M

Request Chain 128

• https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM HTTP 302
• https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM%26google_cver%3d1%26google_gid%3dCAESENnBL5YoBEPnHVbWLVB99Fs%26google_hm%3dUTc0MzQzODUxMzEyMjU5NDU3NjU%3d&uid=Q7434385131225945765&ref=%2Fecmg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU=

Request Chain 129

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE

Request Chain 130

• https://match.adsrvr.org/track/cmf/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKLgPdeqxx2Y-CbY HTTP 302
• https://match.adsrvr.org/track/cmb/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKLgPdeqxx2Y-CbY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265

Request Chain 132

• https://fksnk.com/cs/google?google_gid=CAESEAGG2YdViTPEOvL-aTMRN3Q&google_cver=1&google_push=AaAOQGGQ7lxbfwv7gEkmm9ANnwFqmlCF4Wux0Vp8fXQc4DH6lFcvzTM3Wqpjyp-oFIr0PoRxk9KAnaiXgFoKK3IEtmAGDALJJGLCVz0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==

Request Chain 134

• https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFu_1kV4HM1-0LHymZ8EPFQ&google_cver=1&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk

Request Chain 144

• https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 156

• https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 158

• https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ

Request Chain 159

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4

Request Chain 160

• https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ

Request Chain 162

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4

Request Chain 163

• https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf

Request Chain 164

• https://an.yandex.ru/mapuid/google/CAESEAZ4L9UawxFOju4NZcxYa84?ext-param=AaAOQGEe-utf3PiT-_dtWYjR-UwDKpLKWdatlB2CNICfNwM7FXqj6npXEoMbTeNZm3_dzO1STnLjKEIN_2_uw-7mU2hXOlUXWe8Zj_aq&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAZ4L9UawxFOju4NZcxYa84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/	69 KB 14 KB	1500ms 1043ms	Document text/html	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / PHP/7.1.33 Resource Hash 38e28838e82e723c0937fd7a7a445231d26da9a3471f935b70a1590ebf334b4b Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin * cache-control max-age=1, private, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 23 Jul 2023 22:41:46 GMT expires Sun, 23 Jul 2023 22:41:47 GMT server ddos-guard strict-transport-security max-age=31536000; vary Accept-Encoding x-powered-by PHP/7.1.33
GET H2	200	jquery.js Show response www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/	334 KB 94 KB	496ms 493ms	Script application/javascript	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/jquery.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash b9db30db84c353b393ebed43c0803e40d62453ec010584b9449a28f0348cd01b Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:47 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Tue, 10 Oct 2017 08:53:06 GMT server ddos-guard age 1 etag W/"536b8-55b2d6f820080-gzip" vary Accept-Encoding content-type application/javascript ddg-cache-status MISS cache-control max-age=2592000, private accept-ranges bytes expires Sun, 23 Jul 2023 22:41:48 GMT
GET H2	200	main.js Show response www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/	860 B 537 B	416ms 414ms	Script application/javascript	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/main.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash a94755ecd90a113ceb5ffbb9a9834639bbf215711895074c4181eb309929ca25 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:47 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Wed, 25 Oct 2017 18:13:28 GMT server ddos-guard age 1 etag W/"35c-55c630327a200-gzip" vary Accept-Encoding content-type application/javascript ddg-cache-status MISS cache-control max-age=2592000, private accept-ranges bytes expires Sun, 23 Jul 2023 22:41:48 GMT
GET H2	200	style.css www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/	94 KB 15 KB	537ms 535ms	Stylesheet text/css	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 47a37cabd33f930dd28119e3ba60cca269770f1b2a774a52bad0a75d8076cd8a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:47 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Wed, 30 Jun 2021 13:22:17 GMT server ddos-guard age 1 etag W/"17698-5c5fb9c888be4-gzip" vary Accept-Encoding content-type text/css ddg-cache-status MISS cache-control max-age=2592000, public accept-ranges bytes expires Tue, 22 Aug 2023 22:41:47 GMT
GET H2	200	font-awesome.min.css www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/	30 KB 7 KB	366ms 364ms	Stylesheet text/css	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:47 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Tue, 10 Oct 2017 15:14:28 GMT server ddos-guard age 1 etag W/"7918-55b32c3619d00-gzip" vary Accept-Encoding content-type text/css ddg-cache-status MISS cache-control max-age=2592000, public accept-ranges bytes expires Tue, 22 Aug 2023 22:41:47 GMT
GET H2	200	header-bidding.js Show response yandex.ru/ads/system/ Redirect Chain https://yastatic.net/pcode/adfox/header-bidding.js https://yandex.ru/ads/system/header-bidding.js	110 KB 32 KB	1239ms 153ms	Script text/javascript	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/header-bidding.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash b38bb9174e4b7d8a2dcf5eb8cc14bf1a817b1cf9b4fe89be4cdca41d81a9fe4a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-encoding br x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1690152109784890-2578126979290290759-balancer-l7leveler-kubr-yp-vla-89-BAL-660 report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sun, 23 Jul 2023 23:41:49 GMT Redirect headers date Sun, 23 Jul 2023 22:41:48 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} server nginx/1.17.9 vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} location https://yandex.ru/ads/system/header-bidding.js access-control-allow-origin * timing-allow-origin * content-length 0
GET H2	200	context.js Show response yandex.ru/ads/system/ Redirect Chain https://yastatic.net/pcode/adfox/loader.js https://yandex.ru/ads/system/context.js	299 KB 86 KB	734ms 332ms	Script text/javascript	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/context.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 14183a716359538cd1a83370852fde94873368c0a9f25ab7c3d49998a9a4e45e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-encoding br x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1690152107843789-11712827879497655329-balancer-l7leveler-kubr-yp-vla-39-BAL-633 report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sun, 23 Jul 2023 23:41:47 GMT Redirect headers date Sun, 23 Jul 2023 22:41:47 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} server nginx/1.17.9 vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} location https://yandex.ru/ads/system/context.js access-control-allow-origin * timing-allow-origin * content-length 0
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	127ms 53ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5778015c5eae392238e71afe2e2f9671279706b000e79702f3e7ccf061825a84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27593 x-xss-protection 0 server cafe etag 536 / 19561 / m202307180101 / config-hash: 3532551707473895787 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 23 Jul 2023 22:41:48 GMT
GET H2	502	audiobook-kryzhovnik-4.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/5/	0 0	450ms 359ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/5/audiobook-kryzhovnik-4.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-morskie-piraty-1.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/4/	0 0	451ms 360ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/4/audiobook-morskie-piraty-1.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-ballada-o-bete-2-1.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/3/	0 0	448ms 357ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/3/audiobook-ballada-o-bete-2-1.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-rasskazy-192.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/2/	0 0	453ms 363ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/2/audiobook-rasskazy-192.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-paromshhik.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/1/	0 0	448ms 358ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/1/audiobook-paromshhik.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-iskopaemoe.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/0/	0 0	446ms 356ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/6/0/audiobook-iskopaemoe.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-lermontov-odin-mezh-nebom-i-zemlejj.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/9/	0 0	358ms 354ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/9/audiobook-lermontov-odin-mezh-nebom-i-zemlejj.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-chelovek-v-vozdukhe-2.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/8/	0 0	350ms 346ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/8/audiobook-chelovek-v-vozdukhe-2.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-chelovek-na-zemle.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/7/	0 0	359ms 355ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/7/audiobook-chelovek-na-zemle.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-dvojjnjashki.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/6/	0 0	356ms 352ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/6/audiobook-dvojjnjashki.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-zelenoglazaja.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/5/	0 0	360ms 356ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/5/audiobook-zelenoglazaja.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	502	audiobook-poslednjaja-dver.jpg xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/4/	0 0	354ms 350ms	Image text/html	2606:4700:3038::6815:e9e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xp4stm90bvzr.frontroute.org/s02/images/audiobooks/6/4/6/5/4/audiobook-poslednjaja-dver.jpg Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	143 KB 50 KB	258ms 162ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc25fc67607a742cbb41927e3bfae89fc997eec43403def4504eff6196be9247 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50552 x-xss-protection 0 server cafe etag 4821215974486258649 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sun, 23 Jul 2023 22:41:48 GMT
GET H2	200	webfont.js Show response www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/	13 KB 5 KB	136ms 127ms	Script application/javascript	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/webfont.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:47 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Tue, 10 Oct 2017 08:53:02 GMT server ddos-guard age 0 etag W/"3384-55b2d6f44f780-gzip" vary Accept-Encoding content-type application/javascript ddg-cache-status MISS cache-control max-age=2592000, private accept-ranges bytes expires Sun, 23 Jul 2023 22:41:48 GMT
GET H2	200	audioplayer.js Show response www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/	386 KB 58 KB	532ms 445ms	Script application/javascript	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/js/audioplayer.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash f919c02713441d1502a5297ec6201783ecf8070a47d5df866a78ca2fb83bc865 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=31536000; last-modified Tue, 10 Oct 2017 14:24:22 GMT server ddos-guard age 1 etag W/"607be-55b321035b180-gzip" vary Accept-Encoding content-type application/javascript ddg-cache-status MISS cache-control max-age=2592000, private accept-ranges bytes expires Sun, 23 Jul 2023 22:41:49 GMT
GET H2	200	75b0c05746e0ec17b275.js Show response yastatic.net/partner-code-bundles/811264/	14 KB 5 KB	218ms 188ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/75b0c05746e0ec17b275.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 01bbd04b53f2ec0af5db711376da442d3e2429f314d69d5322c41aef639ab4f2 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4773 last-modified Fri, 21 Jul 2023 12:54:34 GMT server nginx/1.17.9 etag "8efb03ed386b64d610dfc40892984c47" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:45 GMT
GET H2	200	4cac75b844ecfdb16518.js Show response yastatic.net/partner-code-bundles/811264/	24 KB 8 KB	238ms 208ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/4cac75b844ecfdb16518.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 973e69880577fa077648ed919cbaa1bf4a9bf6f79c2c316f81f8ada445d2ccef Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 7954 last-modified Fri, 21 Jul 2023 12:54:34 GMT server nginx/1.17.9 etag "9c4e8779668d7e8232e4487094226f1b" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:45 GMT
GET H2	200	3657ae4844a1b50d2af1.js Show response yastatic.net/partner-code-bundles/811264/	126 KB 26 KB	279ms 253ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/3657ae4844a1b50d2af1.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 1108265cb00e11491bfbec9fca7a6e0a4b1009230a6f234c2aa8a0939b94d8e5 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26350 last-modified Fri, 21 Jul 2023 12:54:34 GMT server nginx/1.17.9 etag "4afe10371848c0467a1fbf12db107d69" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:45 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	312ms 287ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT server nginx/1.17.9 etag "f80882bf67cf261aa08d636da095149a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:15:18 GMT
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	137ms 136ms	Font font/woff2	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26004 x-amz-meta-owner {"role":"admin","login":"4eb0da"} last-modified Mon, 25 Apr 2022 14:02:39 GMT server nginx/1.17.9 etag "7f0cdaf91230f9789ca4162aedff612e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id 2090d1a1e8f5548d accept-ranges bytes timing-allow-origin * expires Tue, 23 Jul 2024 04:28:30 GMT
GET H2	200	8c2c23f3dd1516c65c21.js Show response yastatic.net/partner-code-bundles/811264/	7 KB 3 KB	321ms 295ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/8c2c23f3dd1516c65c21.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 7601820eaeeeb9533f50dec8af4fb8925130830b6aade82a713ce07435502925 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2086 last-modified Fri, 21 Jul 2023 12:54:34 GMT server nginx/1.17.9 etag "6d449c77cac5ea1ba8d08d79bd6b43ec" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:45 GMT
GET H2	200	f190aa208013171cae70.js Show response yastatic.net/partner-code-bundles/811264/	621 KB 117 KB	337ms 311ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/f190aa208013171cae70.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 26a07b147c245d38b2dc84b78a2fbd46f303e703099e871ba8ae9a84ba6cb865 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 119482 last-modified Fri, 21 Jul 2023 12:54:35 GMT server nginx/1.17.9 etag "fe0efcee5a4ef656aae2604358722dcf" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:45 GMT
GET H2	200	fontawesome-webfont.woff2 www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/fonts/	75 KB 76 KB	134ms 124ms	Font application/octet-stream	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/font-awesome.min.css Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT strict-transport-security max-age=31536000; last-modified Tue, 10 Oct 2017 15:17:21 GMT server ddos-guard age 0 etag "12d68-55b32cdb16240" ddg-cache-status MISS cache-control max-age=1 accept-ranges bytes content-length 77160 expires Sun, 23 Jul 2023 22:41:49 GMT
GET H2	200	bookmp3-logo.png www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/	27 KB 27 KB	511ms 509ms	Image image/png	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/bookmp3-logo.png?v1 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 12d8aae0cf51d039bfbef1c8f7ec828851423f05c8f9e5d290b2c2e15cd9a8a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT strict-transport-security max-age=31536000; last-modified Sat, 21 Oct 2017 10:38:23 GMT server ddos-guard age 1 etag "6d15-55c0c3048e5c0" content-type image/png ddg-cache-status MISS cache-control max-age=2592000, public accept-ranges bytes content-length 27925 expires Tue, 22 Aug 2023 22:41:49 GMT
GET H2	200	icon-menu-dd.png www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/	190 B 267 B	145ms 144ms	Image image/png	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/icon-menu-dd.png?v1 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash db0d17ee9c24794dc313d2588c0c19bccccb2f7439a0dcb6be8cc985df84baf3 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT strict-transport-security max-age=31536000; last-modified Thu, 12 Oct 2017 17:43:11 GMT server ddos-guard age 0 etag "be-55b5d12ea89c0" content-type image/png ddg-cache-status MISS cache-control max-age=2592000, public accept-ranges bytes content-length 190 expires Tue, 22 Aug 2023 22:41:48 GMT
GET H2	200	icon-search.png www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/	380 B 490 B	121ms 120ms	Image image/png	45.147.197.153 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/images/icon-search.png?v1 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1670795.nvme.had.yt Software ddos-guard / Resource Hash 3be3f024c46ff93eb55bb00f599911ef69c7957b19c8c3df9aca743259f35ae3 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/css/style.css?v=2.6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:48 GMT strict-transport-security max-age=31536000; last-modified Thu, 12 Oct 2017 17:41:41 GMT server ddos-guard age 0 etag "17c-55b5d0d8d3f40" content-type image/png ddg-cache-status MISS cache-control max-age=2592000, public accept-ranges bytes content-length 380 expires Tue, 22 Aug 2023 22:41:48 GMT
GET H2	200	v2 Show response an.yandex.ru/adfox/264109/getBulk/	211 B 822 B	1697ms 303ms	XHR application/json	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=1191866169&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A48.849%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488617477&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A810%2C%22top%22%3A-12%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaqk&p2=gxwa&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1 Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 14facf711b8ccec81c7aac3fbaffb254f4a151188821e380ba881fae86f15a87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Sun, 23 Jul 2023 22:41:50 GMT x-yandex-req-id 1690152110433672-672265383983212751400210-production-app-host-sas-pcode-177 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru content-type application/json cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Sun, 23 Jul 2023 22:41:50 GMT
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374 https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374	753 B 1 KB	154ms 153ms	Image image/gif	88.212.201.198 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol HTTP/1.1 Server 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host198.rax.ru Software nginx/1.17.9 / Resource Hash a61735542ef93f832ab8321f9670a83ff11f58b5e122b2fb014199e32de05312 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:50 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 753 Expires Sat, 23 Jul 2022 21:00:00 GMT Redirect headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:49 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/;0.9873473415885374 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Sat, 23 Jul 2022 21:00:00 GMT
GET H2	200	hit c.hit.ua/	471 B 739 B	907ms 158ms	Image image/png	89.184.81.35 MIROHOST Web hosting
General Check archive.org Show headers Download Go to Show image Full URL https://c.hit.ua/hit?i=84925&g=0&x=1&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8316217694922123&r=&u=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US), Reverse DNS c.hit.ua Software nginx/1.17.9 / Resource Hash 705ac0c572d53dd9bc0678c171794e9463e8100858f936681dec07c838881993 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers p3p policyref="/w3c/p3p.xml", CP="UNI" pragma no-cache date Sun, 23 Jul 2023 22:41:49 GMT cache-control no-cache, no-store, must-revalidate content-type image/png server nginx/1.17.9 expires 0
GET		watch.js mc.yandex.ru/metrika/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	101ms 29ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 23 Jul 2023 22:11:08 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1841 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 24 Jul 2023 00:11:08 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/	385 KB 122 KB	30ms 29ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 18:13:25 GMT content-encoding br x-content-type-options nosniff age 16104 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125179 x-xss-protection 0 server cafe etag 2430563369519042680 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 22 Jul 2024 18:13:25 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	83 B 99 B	128ms 67ms	XHR application/json	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bb9b602388460394170e0c1a372d28a241c1eb711ed6c20c3fa2caa6140d8eed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74 x-xss-protection 0 expires Sun, 23 Jul 2023 22:41:49 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/	360 KB 123 KB	88ms 86ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c2498e5a286c71ac73c23682741374ca2a7d5d144722dfd7612d027f1b8abb51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126189 x-xss-protection 0 server cafe etag 10275990977203466 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 23 Jul 2023 22:41:49 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 283F	10 KB 5 KB	387ms 61ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 49561 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 08:55:48 GMT etag 12368291122986407432 expires Sun, 06 Aug 2023 08:55:48 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 256 B	41ms 39ms	XHR text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1961258191&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&ul=en-us&de=UTF-8&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1060233520&gjid=1557946413&cid=1167766464.1690152109&tid=UA-109514583-1&_gid=1500015306.1690152109&_r=1&_slc=1&z=444379814 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash bc4540a14193a6537e0c03127bbf19848e6226bd437f2550d18f1f385c55eccb Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 529 B	78ms 78ms	XHR text/plain	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4066533587057257&correlator=4485492980103824&eid=31072019%2C31076312%2C44797784&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21635236099%2Cbookmp3.ru%2CM_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=218515113&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1690152109419&lmt=1690152109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=true&dlt=1690152106865&idt=2499 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba59d70cd5715a82ce131dd651b62a84831867180a256af80e37ab7be800f7c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 499 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C913	6 KB 3 KB	318ms 26ms	Document text/html	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://acea364e80cf1beb2ac1d7f54c24f519.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:49 GMT expires Mon, 22 Jul 2024 22:41:49 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/	37 KB 13 KB	30ms 29ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1f0f1071ab7fcf6a87e947376a3d52b3cdbffe66c5a0acfc72a6e17fbd4a4eab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 13:11:01 GMT content-encoding br x-content-type-options nosniff age 34248 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13169 x-xss-protection 0 server cafe etag 3859843786994776570 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 22 Jul 2024 13:11:01 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	387 B 601 B	242ms 54ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&callback=_gfp_s_&client=ca-pub-1618592205083780 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 200e85dab4757803a718dcf0212602887d28fe0dfb611053c9f405be297a2305 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	135ms 58ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3A3C	37 KB 16 KB	204ms 202ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 362eca2bf586d629b5654ef69c17502743d189c7c843a88e88e8aaf86cee9dd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 15911 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:49 GMT expires Sun, 23 Jul 2023 22:41:49 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	80ms 70ms	Image image/gif	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=b-topbar&ign=false&pw=1600&ph=1200&x=800&y=0 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9522	172 KB 26 KB	525ms 467ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1690152109&plat=2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109227&bpp=3&bdt=2363&idt=397&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=710x178&nras=1&correlator=4611190033106&frm=20&pv=1&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=483 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 305c4903bc22a439c99750026f138ca1ed69dbde08deb64a57b39675b1f943c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 26679 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:50 GMT expires Sun, 23 Jul 2023 22:41:50 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	213 KB 77 KB	192ms 60ms	Script application/javascript	2607:f8b0:4006:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2008 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c0452617e9015b85a178244fb2a35ace28b1db77bd4a2a58dbe25acc66e01522 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77990 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 23 Jul 2023 22:41:49 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3A3C	3 KB 1 KB	133ms 38ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19151 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3A3C	20 KB 9 KB	125ms 31ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19151 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8309 x-xss-protection 0 server cafe etag 1379281626718990200 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 3A3C	0 0	144ms 66ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRipI2mq2cxGLVsdomC0z_F_kYWGyZrrTIhf0HXIpV3z9gELtmu8kDzWahSTeDge0nDpHCThkD1LnZDQIVIq7ScRfGSiw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3A3C	179 KB 57 KB	265ms 83ms	Script text/javascript	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57333 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689766554590483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jul 2023 22:41:50 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame 0F12	105 KB 39 KB	198ms 61ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e5de6df9647a24fced4405f1069a8088d9518a96d1cf6c1396c959987c0a6568 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:49 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=mYGSzk5XRp0-3kmALDl6o2kKcwQWJqUbZ-HM7YqkKskYgnLxKHIJlqQiOyNRzcqONNB4Sbt5dDxPgn-RTV9F3DRtCk-c1orqrGZwe6qe8q3MTQxi4ckHjILwV523uokCEAg0hweGYtYsAATYUHMtWcqEeuTJf5DdEMC9kA6GedwTOT0vosQxRvf3oArmaP4hMiiKqTzJ_Jt0wTV7psmhPh1OnbeoKEkEEEmU4pbnffanuUDrtmHaMX66qMzLcIdyTIP0OA"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 16114821 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 7A74	1 KB 643 B	32ms 28ms	Document text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 45709 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 10:00:00 GMT etag 48472445140208031 expires Mon, 24 Jul 2023 10:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dpixel cms.quantserve.com/ Frame 7A74	35 B 463 B	150ms 39ms	Image image/gif	2620:116:800b:21:f059:4f7e:28a9:1588 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKMSrF1PzBmQ8MkVMjnuzNs&google_cver=1&google_push=AaAOQGFZIeTpkZW7ZLDuG1dg8ll-cRmZJHtmZ32C3naRn_B-5o5PSUYVh3eTjfd_u_aMvDIhKrL_hVaW3CAkPwFWEff2me7njRtLSA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 7A74 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDD... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXz...	43 B 420 B	120ms 110ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7eb76ee1a8334bc0-BUF alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 5571 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDp7ZjmpSSv19F5blXCu2UY&google_cver=1&google_push=AaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGENFt9ymBLrzhq2YpBEvIEdW_wxkZx7Dv5OFOWYboI6PGcpd8ZmomJoyhRnC5yIb2PwkC0gBqvHTfZxhObR38qg0zsPhXzDDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7eb76ee098244bc0-BUF alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7A74 Redirect Chain https://aep.mxptint.net/sn.ashx?google_gid=CAESEEneW3wRnQ48ngkCq3S-uHM&google_cver=1&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNj...	170 B 329 B	51ms 50ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AaAOQGHpH5KKIw3YezFRxStb-IvLkI6I7yr9pbPrhveoabIpkZKGk3YQsDqQRjwgKY-gb7Kkoo5rwHG-5v4HpDW18VkHf30OTODd3Q&google_hm=UjMzNjQ2XzEwNjQ5MDQyN19COUE2MzcyRQ%3D%3D Date Sun, 23 Jul 2023 22:41:49 GMT Cache-Control private Strict-Transport-Security max-age=-373156890; includeSubDomains P3P CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE" Content-Length 348 Content-Type text/html; charset=utf-8
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7A74 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmL...	170 B 232 B	51ms 50ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-yyz4545-YYZ pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1690152110.197488,VS0,VE21 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN65EBbZ-18SQF6OVg1ngGU&google_push=AaAOQGH-Jf3z5c-TTO_pssQNrAQUO9PPFZVl_CwHdh2npbRFdyy4sdqOmLrWT2Wsz5AYxfBsf_CYV2YXkxElwtKWs5w3WRjMzlRrDg cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7A74 Redirect Chain https://ums.acuityplatform.com/tum?umid=4&uid=CAESENw7_fRklOb0-qngjYUi0hI&google_cver=1&google_push=AaAOQGE4mTmxJ9nExJKQpoNcHRuntl7kLznkWZuBQseWZiE1lBnxyhub6XpkjhTORhP4v3eQGhuOBsENeTd_7gIkgnBPCiaWL... https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391	170 B 232 B	47ms 45ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391 Content-Length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 7A74	43 B 363 B	204ms 51ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESECxs0wIpXEKpefbkCeLOm7w&google_cver=1&google_push=AaAOQGGncP0glK_Fud34gY3uEWv2md2gMrCzXEaoVl4qpbePjyHLNAjGlX6Jv-82BW7xwUGtge6r8RisaV7eXolwcRgmO2aYgReY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:49 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 380619 expires Sun, 23 Jul 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7A74 Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5... https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBVzX-dG_DDwJ0NMmNty4eM&google_cver=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZE... https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91u...	170 B 188 B	43ms 42ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHlRyAqyU4S8XgA30uGUw2fqCJi2WZQN9V_cyVSb3vamwQ91uzYrepxIny_oQNwZEFgULU5TrVsgE0666dhMqIcGLd8JiBtfQ date Sun, 23 Jul 2023 22:41:50 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 7A74	0 130 B	188ms 41ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KA_GuajAgxAycS4JJkTbwvf3DzTKhNfKbFe6MYRTbQIrZyaRnGTFMmjHxGpKFDflrXB1A7Fg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST H3	204	collect www.google-analytics.com/g/	0 17 B	41ms 40ms	Ping text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-XR25G8TDFM&gtm=45je37j0&_p=1961258191&ul=en-us&sr=1600x1200&cid=1167766464.1690152109&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&dt=%D0%90%D1%83%D0%B4%D0%B8%D0%BE%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8%20%D1%81%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%3A%3A%20bookmp3.ru&sid=1690152110&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XR25G8TDFM&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 0F12	2 KB 1 KB	117ms 35ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 0F12	2 KB 1 KB	115ms 33ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 0F12	308 B 637 B	73ms 32ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 0F12	293 B 621 B	75ms 34ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame 0F12	43 B 348 B	115ms 35ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=8mv_raGCShzmOLQz9Dw8IboXfVQzwX87-TAJjGGARC-uOURt_lK2kWNjI_phkclzh-HMY6JxLuxleJW-1TCFXGpQ4IOVbPQwRcmS0ARJWuWx7nBwJ1Rupn2a1a3ly5dPviq38oJh-sDg7-7w40Lqn7HXgsdz6QKBM89asbxsvE8tjxEzb0XpBIK6EiCs7zhKkW1KgFe5G0ChzcZqSeI8TlGrW65snexHrrn7rKBXeMpXc3CT0jPLT1wghZvjfNzgUEdykUZYLfNucGZxQAlOdIfuJgwWRFS-VIRygXf9RVdrxgUuGtgcDijI5LGXrim8lLWnQjz7GH1rbAipxGPzuB12Gm6VN0vZmisgHoCiKL6bDYZN7TfYTXJOWGAq_Qwps_6r-V8MzqJ0wp0BlXI_vtj47BPpVsf2ZV2_AvlN9nxvQ9On Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:50 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1810570 expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated / Frame 3A3C	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e39a0733fc0ca48ac56314b49afc2cceb7d10b0c1102974a588bc6a307d3f134 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 0F12	12 KB 6 KB	39ms 38ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:50 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/	154 KB 52 KB	58ms 56ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 360d4bb90ef57dc44ffeb05fe364a73b2728671c2fe122685f6f558a83e39d3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53531 x-xss-protection 0 server cafe etag 7369311847679854289 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 23 Jul 2023 22:41:50 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 0F12	27 KB 28 KB	2490ms 2138ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=352&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=284&s=HBfvElW0S6jGqeYZrlSX19Qx Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 50e4c20b2a1596f5618dbccb3ad11d4f42f18066d9f89bfe7cb6b6b633a1afcb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 28037 expires Sat, 01 Jun 2024 17:02:46 GMT
POST H2	200	all csm.us.criteo.net/ Frame 0F12	0 128 B	2452ms 2113ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=mYGSzk5XRp0-3kmALDl6o2kKcwQWJqUbZ-HM7YqkKskYgnLxKHIJlqQiOyNRzcqONNB4Sbt5dDxPgn-RTV9F3DRtCk-c1orqrGZwe6qe8q3MTQxi4ckHjILwV523uokCEAg0hweGYtYsAATYUHMtWcqEeuTJf5DdEMC9kA6GedwTOT0vosQxRvf3oArmaP4hMiiKqTzJ_Jt0wTV7psmhPh1OnbeoKEkEEEmU4pbnffanuUDrtmHaMX66qMzLcIdyTIP0OA&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 0F12	2 KB 1 KB	35ms 34ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 0F12	2 KB 1 KB	39ms 38ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:50 GMT
GET H2	200	getcookie Show response matchid.adfox.yandex.ru/	88 B 310 B	4024ms 294ms	XHR application/json	2a02:6b8::16b GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://matchid.adfox.yandex.ru/getcookie Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/header-bidding.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 60a02319effc380c190f1fe251c649cad498678f82213c4a2485dc9fc019612a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru date Sun, 23 Jul 2023 22:41:54 GMT access-control-allow-credentials true x-content-type-options nosniff timing-allow-origin * content-length 88 content-type application/json
GET H2	200	906c3b67d31bb71b1927.js Show response yastatic.net/partner-code-bundles/811262/	9 KB 4 KB	2398ms 2397ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811262/906c3b67d31bb71b1927.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 1e2ac6f9a72032fd1d20e9edb74a8e7362119620364823014ac430dcd0f18825 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 3557 last-modified Fri, 21 Jul 2023 12:47:14 GMT server nginx/1.17.9 etag "c1e6b8b79ac59bf5520aaab779170b9f" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:48 GMT
GET H2	200	e76fe8226b615546d098.js Show response yastatic.net/partner-code-bundles/811262/	30 KB 9 KB	2399ms 2399ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811262/e76fe8226b615546d098.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 2c30928825264af3ce25cd2cfa08e921439b52efcc30a328e94b4e84064bd6fc Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8616 last-modified Fri, 21 Jul 2023 12:47:15 GMT server nginx/1.17.9 etag "b87d61b180274a86374839d6a37215bc" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:14:28 GMT
POST		adjson ads.betweendigital.com/	0 0
POST		/ ad.mail.ru/hbid_yandex/	0 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	2376ms 2373ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 81BD	10 KB 4 KB	2135ms 2104ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 14913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 18:33:20 GMT etag 12368291122986407432 expires Sun, 06 Aug 2023 18:33:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0D73	10 KB 4 KB	2121ms 2105ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 14913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 18:33:20 GMT etag 12368291122986407432 expires Sun, 06 Aug 2023 18:33:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0AA1	10 KB 4 KB	2120ms 2106ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 14913 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 18:33:20 GMT etag 12368291122986407432 expires Sun, 06 Aug 2023 18:33:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	v2 Show response an.yandex.ru/adfox/264109/getBulk/	211 B 411 B	2359ms 2357ms	XHR application/json	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=4235483678&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A51.163%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488617477&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1015%2C%22top%22%3A107%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaok&p2=gxvo&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMjk1NywicmVzcG9uc2VfdGltZSI6NTA0LCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMzk0NTIxOCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEwMzI3OTUsInJlc3BvbnNlX3RpbWUiOjUwNSwiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjgxNjAxNiJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1 Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash ecd441a44422e3c539ad09527fd242a032432dcd4ee226952e2b1d547b05fabb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Sun, 23 Jul 2023 22:41:53 GMT x-yandex-req-id 1690152113414057-679961023490111415900241-production-app-host-vla-pcode-151 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru content-type application/json cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Sun, 23 Jul 2023 22:41:53 GMT
GET H2	200	v2 Show response an.yandex.ru/adfox/264109/getBulk/	211 B 254 B	2493ms 2492ms	XHR application/json	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/adfox/264109/getBulk/v2?pr=2876910802&pr1=1978093031&dl=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&prr=&extid_loader=&extid_tag_loader=www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&date=2023-07-23T22%3A41%3A51.171%2B00%3A00&pd=23&pw=0&pv=22&pdw=1600&pdh=1200&ylv=0.811264&ybv=0.811264&ytt=140737488748549&is-turbo=0&skip-token=&ad-session-id=9492481690152108864&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1015%2C%22top%22%3A107%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=811264&p1=cmaon&p2=gxvp&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMjk1NywicmVzcG9uc2VfdGltZSI6NTA0LCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMzk0NTIxOSJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEwMzI3OTUsInJlc3BvbnNlX3RpbWUiOjUwNSwiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjgxNjAxOCJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=801254%2C0%2C2%3B810503%2C0%2C92%3B810464%2C0%2C51%3B806543%2C0%2C64%3B806797%2C0%2C69%3B802999%2C0%2C55%3B808036%2C0%2C14%3B810140%2C0%2C84%3B801975%2C0%2C85%3B798890%2C0%2C42%3B803894%2C0%2C7%3B802013%2C0%2C96%3B803550%2C0%2C91%3B805234%2C0%2C98%3B800948%2C0%2C93%3B811264%2C0%2C75%3B681846%2C0%2C60&pcode-flags-map=eJy1WNl22zYQ%2FRc9Ryn3xW8gAVKouKgAKEfJ8cFRbdVR6yXHdtLEOf73DgBaFmUFcpb6QeY2l4NZ7lzw62iOuOST9lgiLCuUkUoWLZO0kRlqGsJGR%2B%2B%2Bjj4tLz6uRkcjwToyejW6W93e0TM4jyLfD%2BLRw8mrJ5gZa3GXCy7bRs5Qx4kVIXbTwDcIpEFZRSTJ2%2FoJpKJcKGfmFJNWHcDdrJWI1QPY1ecPO6ihH2pUTLmGzduuEZIRTBnJFSSazeyeeU4QeJu1wUJk3VWCsraqAK0R6oAweYxEPiFYCloT2RYFJ8KO63tOvBMzQQW4iBossxYvVCZmiKGaCMDHpEDw3gFmgSo%2BBA3iIHoCZUSwhUpAQ8Rxy6aSMNbaUxmHURCnG4Q%2BGTxH8FvRKRx2bE4WgHgMLnFaNna4yIn9%2BBncz2BUbVPKokKlillXYQkZrBaST%2BnMBH%2BOqu5AtcVRnEQbRMhbPoWiX7SdkLxq4Ye%2BJZCDrsGIUcIPgCVu4A7dI29mxkUo4JxwTuEa3BTyTV3ZwRLfDeKXg8lsAUHFki%2BgHX49NMJY1tRcz6uWQ31nDOXTQyH5oVXkLSayY9WLsVW2VcpmjOhufOpLQxP9%2FQGc68DfAC%2F109g5gJd1RQE9SOqZWEAb1HQX9LsR5zNE8a%2F3sOjg%2BEdRG0XVv9jTb2D%2BVH72Y%2F5%2FEfjR7KvaLxnKZEWaUkwGRjBVkm2zxEmcOHgaB0IT5ZwwTtshPcJzaRgObF3Hj31tu4DhQd5I1knc1og2tukYOrHnR3vNJIxLwWhmNfdcJwp6c2VpTCSqjtGCWy1h1KeGMWe66WGMctIIu03oOc5glPcjPOfMapi6cWLc1Bk1ckZ2DS0o0BltYLgWKCd2jMTrZ7WaWYwUjPAJ8FpJc5td5CZ%2BHyJYYkFZrZiOAWGrQgV5BbWWUWyFgCh77mDdIEEYKiFe%2FeBSFc9zRkgjOZ%2FZ%2FUndoPcHQWG3Te8LKpTEoIUSG7AshIndqThJIyMSlB4qYEY2GGawsYfy2RVVdvtsqgcu1yEZKjw7Sho48QalIqCXAMGqCKMoCSITzq2wlQwYDpTIVLR2v5MocP3t%2BGlBJY8nALKF14CE0AkvO6ZGZqcUZ07o3B7W2HWC2MhVxqSpNNGxpk9PXlHItpiwtisn9hnpApKJb4XeLnRGpW61bbOvo79Wd6fv6%2BXN%2BfpqdOSGzqvR5fWf64sVP11erK%2FOR0fewwA1hDbQqLxGTMg%2FOtIRPdizCikFBQyw%2FYJ3o8vl%2BuL1zUfw7cvy6mz1GY5%2FW18uz1e3g0vny0t95ex%2BdWUeX35a312bw8vXWydnV%2Bv%2BqkLeIMCFm%2BX9xfX9%2B%2F72%2FY35%2F%2FFm%2Bfpq9e%2Ftswf%2BXl5frrXpyf4lNkhAvmRNWKl%2BMUVSoNLKayDpvb64dFsQyD0jKBdA4QcMQ98xewzYNjxKfRD%2F8OqmqzNiZbg4dP1%2B4uiNlt7UgCXMsozkpiPnlFPgjgMwsWOqD2gEpF%2BtCK7UlENxgfakl%2BDCQ7EXjV1SeOMgyNE4y3A2xjny%2FCQhJArxML5JGKb9cBzu5La6R7RdPjE9pCSnWgeMQ6Z66Hcg%2FAM9BC0Kk1W9QY1eTzECUCwGXFRbmztO4sCN9vmm92aw16oyVeUz%2BIErQvlFGyr2bKqeIQdB6A6Rt9arKZCWEnFIPtdUaEVLXSiXAzFUmLlAei%2B52dD3u1V7Ke5B38KtaDkRwEGkfqmPwGSPuz6oKq34wQ8QNtZxH6fA1N4egL4tXwSRhj2EURmCcEExfzYkPy1v74ZSLPbCR2EDlSdobno5q1rIP4yK4wkVZE8%2FsDEde0HqgrgbuwC5fe7tnPs754E%2BR2MvBKEae2B%2FMvApjdynHeujXhUtNIVpDqhGEBgqupOuAVGA6HA7OBCpoBhDx9%2FAISGUuOXfg5eav2%2BgIszxdL7DW3A%2FiIIdi6AXSDu1XKu6a1thp77EiUBMbn82UlNz06EH9MSH5ek%2Ft%2B%2Bv766vLr7soMZp%2FzHqRV%2BhVOMCYU3ocMCOTu8uhrieithgtaJEktWzgYjTn8%2B2WMbUnZFq9mgkjh8dxNc6wmwv1FMvROzju4VjPt0Mg9y%2F7oWYmvmY4iijlmSNmkX%2FwVEVo%2Fqgc2DJruMGzpMGVB%2FRiDLehrV746a95nrmjVE5glbWrMZpkvQzTWeua%2BoO2GE3LPbC8JM02Dih6VUDPFL3gapyelGqGVa%2FEzJkiBJGuH35fhg6vaIVMHY5KoiR8bpMuP3Noef324kJakrD0P0GSzFKhcSBhnDSflhrin5OGK63Sxj6ysPJw3%2FY8qCB&use-server-side-rendering=1&pcode-icookie=Nl4X0sWzxEvbTZ34QF36nY9ABWXk%2BoRqzLQLlcUNpMaFF2y3ZZ5E2Y2HROEx2Gc7HB%2FXzuSSFJ0PBPVOOuIEq10%2BPB0%3D&top-ancestor=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&top-ancestor-undetermined=0&grab-orig-len=3052&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjE2MH0KEqW0kOQ27kEEqIuHaTt4VwqFv4zwtvH-fZNvA_-d13LTvdt437gJEXJt08DfpqOlMVEeiolCMT5Y-yuc03Ubr7-BvgjANagqzOtgbcPJ_OHXvy2ziLCKigooKioqYNyAr0QNs8maqElbeABYTdYrSZNUogqzyStxxe9XDJukyRt6C3vDadEV0Fa_El9d1PO8m5KETK-lodWQInY0gB187ErQon7ZXC0Q2xtQVdWiQ4kvNIxt-LbYTd6vdJnRwRaN5govXT3uxh0xTQN_JVFvaNMTs4D_zpKqfDfi92wYy-uo4VTlNpJXmAtxjldikLc_kK9M2TDOu0oy8pt4C7SSx3qDxUqeZpQWa2yMDakFdGTW6ip9rPo0zrou06cI3JSpmkpj1MbGROfuVIkuTnUxAndTvI-k4l_gqNudB-aY8UNJlmv8xW-aRcLSZJudlRGkvF8D74WJGnq_qvRySWh7gzbZxHq_SxdfCdyUcF6LUOLPtvNTtKzw_G8CVNNTtkx8GHmF_cJltG4XPzfIUhDgJhpKtQBP5Milg57DQQUqZSubm4m3XldhDlNCCYLFSmmE16kMmVqNwG2iC0rtJjq4mkzr5lWKE60p0_BpxZnJkPLpahK4fPpUqcFwbVKDr28wquPrG4wWayagSWcw6sjcFgBBbBDOc7TucDqtruz1rDSUpQD_g5x2V1UlQKoEKJPsX3KufaY7rAypoM2X-1_9fyJFRMU7iBoWUiVB9hkRVYqL1MCdsa4xwiff5Km1mc7SIFWCv2SfLKqwabe4H1lZCXOra-RzJWF6ud6KDSCONzebyRMDZapxs1Ux6nSp5hpppqEwgshOpj4z6njU9mpcbYqW2fwPCnRCzWACP3FbUOmzT9OQpc4lQVz88gU0JbGAgKj5Q5WtT3WkApINRg6SzcY41W8xhUV9uasVsEMDDvWvhT0FT-2lFz9NB42d2FNhbvFR6q1owDSgGy5YgQn5ZBGUhtugcIM3f6FINHoujqrPvFTk-4VVQIkp1IlmqDhyNF9NPqGR3IGquGcZMrHrHxGRd_Efexy8TbSJOlbzn6PwkF_uCnSgKQ0lBbOZKoE3NDaQmbGRay4pYkvbBWWcqseJ3s3f0hTrOr_c0pKH7OLOfSVCuniTLzfbEkbJ7J98f_Eo80yM-FIOHYY45auHMoszpBOencKoeVChSgykep1Hkq-rY41RB3_oWLh0bN118I8ohFsJ2yMi3xX39O8-YJ83Yg0HZBX2kx567GcHJbfZkCfjBQAxjgW2x4I00YZk_YGN8WhnU9WIQcAsf8L9tVTjr6kWLw7QCv1PlFQSj-fsp_97Jel4LeFxyqrVxdmsj8ux54Hl7UDUuRMUxoFYeiDFmVcynuvgYo-bVaxD1iI6O7P8B8jfSVzx9ki9QX2aJYcLl9Tx_E1AkVJQGHUdCBlF6rG_055TI8ydCBm_YumvIF50kolL8obBJCFqg-DEvkc79H4nZ43va1YnBnNHH-JBKvm5b477JrILPvFj8Vyeu9lsuZ0Rplj5J6AuuuodxBUGUzhQvUFcw-WQ_L8o5MX2eXvWcgXmEtsQBpuB1eTe4hVN7qTO7Qw3ipUHgzIxS3RvSv7Auq5lxCTnAvDEwscrCBumNrVVOdzH9uRKQV0rxliHphHus_HMPOXe2tmocxsjXLHyTsAMkbi3KlgS7Lw3oEe0cG0BUQNX0J0XiV88KM0Yc5PFZaMzyUmgjecR-beD9KcRTvySgLk3D3nwXLJ1EPrjTDS38NLRAWpuQ5TbaBgHYelBwI8JarE0x7Us6v9hRT8P5ksnZJIQc_8d-v5IUVWHxwz8LG9YTo4me2jrAT0ghIsM6M1sb88X9ZVxIQD0hQZRSRiAmOREL0Vo9cQd3q8XgenF5rltq2IJX0jvBGO6gKlX7UCU09gZL2Lpi6BOXEK_p668UFIfQYm5HgXwCXFDQZcyog3xIPWEL-WI_Le5CGcUjbE0ZrbVkSf09-McnYhyB8PKycoHATthKBpCDmvwDhgXS8kcyJkBignouyUgQQI84AADWJAA7cV65HTmdkZkYp25czans2rcqKTc_Sf2EHH4TBKOxmokLhajYigMwdwQDwhDmpJ5-5YjdyLMbWDtOXELn1HCoxM-m0_DZEioyFBcs2sz-EZdFica_ulyoLXrv7IFDxbjAUDU1beDZ-Rt59Gn4dG38ehT8-iDyr3H5htuc_NccE0XpyDGnReCLhjMai0N2q5Oyx5PVma3wjE4fZ95XiXq49HN6izqx1hiz8RQXiZj2MIbh2XZJe8VVgmOi54Dcm8AKYOvcJBwBoOBM7Rb3ORAPE7YX3_5nors1BjOBrKVX4Z2axZf2Aqn4BAqQSXsK_hrDoecWJJ-DfWPUIIrqjWLbnHBHm2s1ehjyQ5mU5ePdhEJyipNPkb7nckSC3dkm2XMpen0m2aRv68teRfNkpL4_JkcBqGZJ38lk2WZRjwmR_xS7fkKfYoV7-rx_mVV9EGrlu_S_fzZ5C0HI2FmtlrOC2Naq0trsZLbLaB_PWR1vfG-XHHls_7ussrQV3APRnStaHMrnwm1qAfLIMmqwRp00zWh4S20EC-7MIG16QmRvvcOmM72m64pTxwQDzPLL1mQCd6Yd7FT8TYJJY14O41bwincFJVt1HiEhLSLuRbs5HNdVJ5wYY6NFjZ8A2UPyBX85cGwxFuRDIagvGDXRJvsXdqU4dy6KBd0QcNY9_rdnuTVH9ep_A_2tCIRpOArqCyYxgwjFzJ961pMqqhsn7ZYv8zBiJVZqbgUpix9B8rnIrhiul-mhjP9Ivo-idzt-JSyaHPSPlv3NbwXQ2bIxSyc3v0_9rmjdoacPaClskLrBfE2D-I-ze4lK_sRDE5TGs5C05esigasgtCHNmyubBJf0edo4VHQ56DzpcZnnbHucbPOCLORNiyZmhUajj_mn-A9GCTMYolC40g56Tf1866SIWFU3-8LDkrC8aGwA674Lv3b4g3SZZSfAu4wAoA%3D&tga-with-creatives=1 Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash bd0e1926d63d557f4d3b980aa76ee662825145c450b5b12951a5124a255f1282 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Sun, 23 Jul 2023 22:41:53 GMT x-yandex-req-id 1690152113563575-944933343808143400253-production-app-host-vla-pcode-116 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru content-type application/json cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Sun, 23 Jul 2023 22:41:53 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame 9491	121 KB 43 KB	73ms 65ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 6eb6d3fd684b604f10aee97339afa67a92d421e49c11d9041892bc6c5829c54f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:52 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 18109607 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 81BD	3 KB 1 KB	30ms 23ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F188	1 KB 643 B	31ms 25ms	Document text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 45713 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 10:00:00 GMT etag 48472445140208031 expires Mon, 24 Jul 2023 10:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 81BD	20 KB 8 KB	30ms 23ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8309 x-xss-protection 0 server cafe etag 1379281626718990200 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 81BD	179 KB 56 KB	64ms 60ms	Script text/javascript	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57333 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689766554590483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jul 2023 22:41:53 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame 593D	139 KB 47 KB	103ms 99ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash ca2d72fd740518dea6a019bb57ec196bb9bd32f17c35666875beaa01b9e0b4fb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:52 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 67932260 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0D73	3 KB 1 KB	26ms 26ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F31E	1 KB 643 B	53ms 47ms	Document text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 45713 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 10:00:00 GMT etag 48472445140208031 expires Mon, 24 Jul 2023 10:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0D73	20 KB 8 KB	33ms 28ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8309 x-xss-protection 0 server cafe etag 1379281626718990200 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0D73	0 0	50ms 45ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJJh6ast00pe_BHjRjaibq3DQE1eMiRhuLT1Z2z1GABNs0tvsOOBTgAr56STYJNSLFCAMjtV392bfpDEFXkPqZQMnXzw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0D73	179 KB 56 KB	80ms 76ms	Script text/javascript	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57333 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689766554590483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jul 2023 22:41:53 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame BDEF	170 KB 53 KB	101ms 101ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 8187bc16f60a08222ac7465b0a3cbcbb7968d5913f5a24e76b643bf39211441b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 22:41:53 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 67582821 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0AA1	3 KB 1 KB	29ms 28ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame D8C0	1 KB 643 B	59ms 29ms	Document text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 45713 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jul 2023 10:00:00 GMT etag 48472445140208031 expires Mon, 24 Jul 2023 10:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0AA1	20 KB 8 KB	60ms 29ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 17:22:38 GMT content-encoding br x-content-type-options nosniff age 19155 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8309 x-xss-protection 0 server cafe etag 1379281626718990200 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 06 Aug 2023 17:22:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0AA1	0 0	81ms 37ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7gqkgbFEGOVCKXBStOaNFwtaF85RdK68kq3xOgNOWeSbOJ0-fbEDCDR3giyTCVkZopv_1IBuyXzJ_G7PsVKnx0dEfRg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0AA1	179 KB 56 KB	119ms 90ms	Script text/javascript	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57333 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689766554590483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jul 2023 22:41:53 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 0F12	27 KB 28 KB	61ms 32ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=352&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=284&s=HBfvElW0S6jGqeYZrlSX19Qx Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&u=%7CSjDzQLoKHiuuCPxM7LPYvqN8FUsLBhtYQkKBsl3HK%2F0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q31aohG_DEjutoXymwHZ91Z5SU1mntZfa4vRc8nT5cTmKM7rUKSqosjXyKCO6jz5XzCxIlxCJefYRUBo36Loj-fUW_M0PUrQ8aLmuPBxSlf9kTqYj198CQ0QXv5xkn2PGMHP7Jlfkz4Bo___s7ReVMEc5icU6Zgj9uV0fMoFNdgFJp7KFnLj9yo5l8jpaGXtJ_h5bDH9yJxd9WOXsr17HBQUhWUJ2QfY3sJyM9QOj7BZgNfgGHciAYlbGo1Zr1Rwxr9y3gRd1-SpYj9QrPLCRiGeXcssGkE1ycjVHNF_G1thgitRAlntEyrerFwrWRFm42NrIvoNlj_apermKpE41PIdYyG7iGZiEDCP_ZJ_8Dsn4c2L2BNJSHEQfqclMERWLgICjY3BxgFoi5HCeBiWzM2Xkh8zEOg0EDkcTaq3YoA62yde8yzkCYLBUJry5FCkDVWcKHOFu16kzLzM0jq9XwvPMNuamfTROycTSA19jHAoZaIyFpxOyU3Nh7hIOB7MkA6R7bdvxGu2-E9ruvI66_sQ-FaSF1Owbdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPn4dray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoExQJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7d7102Z8U9C8rvmgJAXA8xyurwoNWAmKENmMCLDRVqOxwQsd1cXlyLLgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ft_UO8uoXHKdC3d-9FDjyE1m4WA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 50e4c20b2a1596f5618dbccb3ad11d4f42f18066d9f89bfe7cb6b6b633a1afcb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 28037 expires Sat, 01 Jun 2024 17:02:46 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 9491	2 KB 1 KB	50ms 31ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 9491	2 KB 1 KB	54ms 36ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 9491	308 B 636 B	34ms 32ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 9491	293 B 621 B	35ms 34ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame 9491	43 B 347 B	39ms 38ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=OtM6vhPHr5zmT5vujDNQWadiDnkmDRifo8Z8FQGtdlzLzgt3jvGn3pBG6TQogdolKHLucIMLloUoNegdrFEGuPUHBjgyQQvvpYEnGyEpZWzhErd3eYPfARLYefRRnbo6iuadjy3sVlgOE9IKNdbrFkaunGEmV3pgGjly3gLzVTF0OcHAG2MOitxCws1tIC_jkmcAIY33YdGu_p44GmUjJXafWqw57l-j9iYcd66gf87nNbmfIImE6mkBTr96Qb0VOqKEGg5Y3ZDp75CCtf25NQZD93BJSmwEV6M7_Kvdl-kbrW4DHZUIFkZ-wK0OQXHQOPHqsAvKRy4gWN7901WI5pGeoqv8PN9WBx7QMB-AWwgB7iW3snyZ3oe2yt5gvjeRV7XQgpfoQDL9h6HlvZHyKfWRjpQCvD-P4ThFYhl39tro8nnl Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2142900 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9F... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w	170 B 188 B	94ms 73ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 23 Jul 2023 22:41:52 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: D8E9CEA4A74D4EC88FDBF33D62F92493 Ref B: EWR311000102037 Ref C: 2023-07-23T22:41:53Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFGrHi1E9YO99_DvKTXljn24IPcsuIeWhgSC48WYhOn6XvsHEclUREHVA-EtULlMKQl40x9FXw4FU4r4gPRyzzd0CXArCiN3w x-li-proto http/2 content-length 0 x-li-uuid AAYBLzRVLpIO3tIXr/9pPQ==
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESECtep4f_dmBPcTywV19_faQ&google_cver=1&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fb... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg	170 B 188 B	99ms 85ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 23 Jul 2023 22:41:53 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uUbzPUYgRd-rvjX1LEBHhA2&google_push=AaAOQGGVKKS4KKvHhOs2vvvkfo5ZiZRzKZVuVozyGj3eRBpeYr7gsTLgCIFby6gxCHGsq-XincKr4MfaHzC-c0fbg9QQ8lxyUkO_tTg x-host tde-deliveryengine-production-75c9d7b6d6-9vzgg alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=... https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4...	170 B 188 B	94ms 80ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGH4jjv9Ao-J_M1cemJul7k9bcTEI5OfBWDhJoE3JyVw7TMdW7jT-r2fPT04FbLqmHJEN8g5Z9X8LVqqZ3dxdjbCvSgp9o2mNQ date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBbWhk_4CvvAC4GbeUXt5rU&google_cver=1&google_push=AaAOQGGS0Br68XvLyUGHc8RuXUU_7l84IfhkxYRQO8H0qI9fK-0SdwhqhQorx9GrCkbVWr5FFh_AKm2WRwkCpYA9uwk9rhUOP... https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391	170 B 188 B	44ms 41ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=803754168391 Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEARadEqESJPL5GZ6Y5_J5CA&google_cver=1&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLp... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0J...	170 B 188 B	107ms 77ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEgY3ggBPKVy8W92if5hO7ZE80r4uMeDQRkP-6UPS0cofKMfXl4nTsrKs7JF9Z3mCkQYsVVqJM8e7dnDzkQDD7fnLpKHVZdNoA&google_hm=eS0wQ0FHdEUxRTJwR0JDR29nTk9qMmJtdThMQlc5Y1Y1eH5B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKD-Y2iQBhUghgqMERA2Dvo&google_cver=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0A... https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2U...	170 B 188 B	66ms 64ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=mEJ_QxQ6QQORmDvQsavBSA==&no_redirect=1&google_push=AaAOQGHg2Mswjc_jqGk1Z1LkjF2r8KQtLbvGyvS3tHpRj65mUyiE2UealSUzuF6w5EE1QTu9wt0Auio4AeopedDYV1jFLjvVHlmZuwv5 date Sun, 23 Jul 2023 22:41:53 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F188 Redirect Chain https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-G... https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D...	170 B 188 B	104ms 84ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGFdPTt8HmCgsXKad3IyLXI5oF6LRoOzd99pcfdkeNl_4oaw7c7K0ZjlLrfkRTDFG_x_w9HcC1w6DdF1c-GoLpKDGTd6D1JHYr6M Date Sun, 23 Jul 2023 22:41:53 GMT Server Kestrel Connection keep-alive Content-Length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame F188	0 12 B	54ms 44ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlSy_kfhs0OT7HQ862f534IAiFAJUdcdOOydXUKXpJODpEYAL37NN1nlH3rX8f_psTItO7NoI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 9491	12 KB 6 KB	40ms 36ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET DATA	200 OK	truncated / Frame 81BD	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ee5038150826ee3d0d1698fe83e35680353b6620296108f41722b6c2e9adb5e7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 9491	20 KB 20 KB	52ms 46ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=208&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=416&s=7hqYw6-SPcI3ce8C0xja8ssP Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash a957363cc35d3bea7ad224679b1ef7ebc099b5036b49ecb37b1cd3f5369c7875 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 20112 expires Sat, 01 Jun 2024 17:02:46 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 9491	45 KB 45 KB	49ms 42ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4823245%2F55d02136f9374c4f9cc8c5b5423080bb_112.jpg&v=3&s=n_-4LSvjfyqeaUh15MgAHkpu Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 0ebe5f6953ec39f33065045f3c3657cbe0850288f1a4421b5fe0a12605cb9cc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=31104000 content-length 46110 expires Fri, 28 Jun 2024 20:09:18 GMT
POST H2	200	all csm.us.criteo.net/ Frame 9491	0 127 B	34ms 29ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 9491	2 KB 1 KB	34ms 33ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 9491	2 KB 1 KB	35ms 34ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F31E Redirect Chain https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwH... https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&go...	170 B 188 B	76ms 47ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 23 Jul 2023 22:41:53 GMT Server Apache/2.4.6 (CentOS) X-Powered-By PHP/7.3.33 Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGHkTyrJ6tX4JdrX3_7gI2SWeYClIf0zskgMZlz1sXnkK8OZlpJnzc9GdFZ--rtwHzsJjd3GGD-NRwSCvI_H9tZ2W6rqlSrNoTM&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjU= Content-Type text/html Cache-Control max-age=44327 Connection keep-alive Content-Length 154
GET H3	200	pixel cm.g.doubleclick.net/ Frame F31E Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyf...	170 B 188 B	93ms 72ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-yyz4545-YYZ pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT via 1.1 varnish server Varnish x-timer S1690152113.367554,VS0,VE0 x-cache HIT location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkwyc3JnQURGLTBrMlFCWQ==&google_gid=CAESEFfdBfTyh48TFp6Ww3WvC6o&google_cver=1&google_push=AaAOQGFBq7uZrhaAV_cAVnKpVmR2PBSWyfLIpUv1MjlliM7hq5IaGDosAYCy-pZIAHVNJsYV_oXXAT4BK068KKPpHy7qaNs4ihqG9KE cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F31E Redirect Chain https://match.adsrvr.org/track/cmf/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKL... https://match.adsrvr.org/track/cmb/google?google_gid=CAESENMrFMGzvYgWuLvrYcxfSSQ&google_cver=1&google_push=AaAOQGGq6dvuUVGtzKVzv8NtokY7IBQR-FpPprcZnfPlQQiTzBbluVCzm7oCCFoQKkK9GKqQ8JySjN4wYSf1SDIXKL... https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265	170 B 188 B	87ms 57ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWNlOTM3MDYtZWM3YS00NGMzLTlhM2YtM2Y1M2YxODM1MjY1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ece93706-ec7a-44c3-9a3f-3f53f1835265 content-type text/html cache-control private,no-cache, must-revalidate content-length 423
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame F31E	0 173 B	125ms 38ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECB0YtackytGkRlkk3YlPdY&google_cver=1&google_push=AaAOQGF5T5STbgU5bM4_EaELZt626zIhluk6XV8dvUKsZTrxPB6ybONBQNxDVdBSkgCwS_urThw4TY9eaJZtqq39FwhkSkjrsoWX7t4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	pixel cm.g.doubleclick.net/ Frame F31E Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEAGG2YdViTPEOvL-aTMRN3Q&google_cver=1&google_push=AaAOQGGQ7lxbfwv7gEkmm9ANnwFqmlCF4Wux0Vp8fXQc4DH6lFcvzTM3Wqpjyp-oFIr0PoRxk9KAnaiXgFoKK3IEtmAGDALJJGLCVz0 https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ==	170 B 188 B	117ms 72ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjJGNzcwMjVGMjg5RTQ1MQ== date Sun, 23 Jul 2023 22:41:53 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H/1.1	200 200	asr aid.send.microad.jp/g/ Frame F31E	43 B 641 B	532ms 172ms	Image image/gif	202.233.84.1 MICROAD MicroAd
General Check archive.org Show headers Download Go to Show image Full URL https://aid.send.microad.jp/g/asr?google_gid=CAESEFYOTeDGq9yXZvZnfRbA-Ls&google_cver=1&google_push=AaAOQGFBxuwBihfXkdr-pExZkC06C8qsSqCbHeRJc_YTbg7i0YXHQGWiBye7c5eaJMZFuaKguXlL8-snGcb2MsI_YvzgQdnZ8X8TtvI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=3600 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Strict-Transport-Security max-age=3600 Server Apache P3P policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE" Access-Control-Allow-Origin * Content-Type image/gif Connection close Access-Control-Allow-Headers origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control Content-Length 43
GET H3	200	pixel cm.g.doubleclick.net/ Frame F31E Redirect Chain https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFu_1kV4HM1-0LHymZ8EPFQ&google_cver=1&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKd... https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOX...	170 B 188 B	69ms 68ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI2NjIxNzU2ODUxODE0ODQ3OTY&google_push=AaAOQGF5Cm4EXOVE7rszmDml2tZqNZc6sAe9FRtaVrwXwXLpDACY6XYbHLyrkFg-3iIwA2F_RJ-bT3I-f0A0agaUKdOXOCpZLNsV9Tk Date Sun, 23 Jul 2023 22:41:53 GMT Server nginx Connection keep-alive Content-Length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame F31E	0 12 B	46ms 40ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTRzUHCIJF0L_LXQUZnzy8jJRlEHdC5D9CSj51qT_N3Aa_Q822zUbIZ6IQJ5_dMgqjJ9Wv Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 593D	2 KB 1 KB	37ms 28ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 593D	2 KB 1 KB	38ms 30ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 593D	308 B 636 B	73ms 25ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 593D	293 B 621 B	70ms 22ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 593D	2 KB 1 KB	190ms 31ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 08:57:29 GMT Server UploadServer ETag "0a227e506cc4cb4f9940be0b4f6d5c1e" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=86400,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 925 Expires Wed, 12 Jul 2023 08:57:55 GMT
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 593D	8 KB 4 KB	191ms 32ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 005b888fe4472e6243d74f7a7ffc92dc1ad096e9c804f77b061a1ea1fc57403a Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 10:45:50 GMT Server UploadServer ETag "408da7fec113d9180ca8c3f8cc59bbea" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=900,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 3389 Expires Thu, 20 Jul 2023 11:01:12 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame 593D	43 B 347 B	74ms 26ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=OjIld8al2szQIPBKfCmByVFNlJp-hdayw5p18h_nUxuCVhIUKQ5xQRvIjcsTFQs1HtmVHtEpTa51lQtSR26GKpJB01I4qnNMnzY4pWMKVIlMtVirBicE5EWmX2sb7iCR7-ZFQxSG_1k4xT38a8ATLf08XkfCQUTZBAxr8k_NwAu8aO3NrLYeoK3EjoGo25sLWlrIQ2woKQc-YtZnoglM3hsMqNZUpoGJGjo_lMcy0GVlBPJyi39LO3b3-HzqDBr3ToB1lakoeGdqoSe8mNd_m7O1ii22_0YbXZXIkqH1OL1_DhsIbGlcyvjlzsbqrkQAqrMr5bN_t-vSMF2I5sZlNsqvtOYQ--FWkDCUy7GyTI1__WLq2ahmQZPk1_YR87NQV2NXoeKynGkYRw0ApQIQTNFJAUI2OhNFeWPW48CiJrPz5yZx Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:52 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2678194 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ d.agkn.com/pixel/8538/ Frame 593D	43 B 561 B	267ms 64ms	Image image/gif	2600:9000:21da:1400:19:fc2c:a140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/8538/?che=64bdacb02222ee95bfc9a6d04938f15b&col=308271,0,0,0,11120203,64bdacb02222ee95bfc9a6d04938f15b Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:1400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT via 1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-C1 x-cache Miss from cloudfront p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type image/gif cache-control no-cache, must-revalidate content-length 43 x-amz-cf-id BTZ0SyaarFScINWiImAkB3s8VSMXR90biVViYsGkX1sLHY3vx5HUCA== expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf... ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 593D Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_ch... https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d049...	42 B 246 B	55ms 52ms	Image image/gif	142.251.40.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=? Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Server 142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=COip6qLzpYADFXkWiAkdwN4EmA;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb02222ee95bfc9a6d04938f15b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	pixel.gif tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 593D	35 B 390 B	243ms 39ms	Image image/gif	34.193.152.182 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=64bdacb02222ee95bfc9a6d04938f15b&gdpr=0&gdpr_consent=&gdpr_pd= Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.152.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-152-182.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Strict-Transport-Security max-age=604800 Server nginx/1.20.0 Connection keep-alive Content-Length 35 Content-Type image/gif
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 3A3C	0 19 B	61ms 55ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cpmocray9ZMXfJ5emo9kPr4CNgAqcge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwgJP0GUzpYeEATZ465b5enwUkn9CZqrD9D3-kj7evH0GOnKaaytMEg-HfUZinFZ6kPN6jJxPJMx88c0sRPYiTkERNV1Xoe2gB00xPTa4y6a5SQTwAsMjpUMoIpfkyiasC4ibOaMIU5YDBm1v1gz8OG4LFb-JSKnF9bu_B3rwbHLCXQmDzB6atOKDfa08adj6wHnq_WkcZR7fjwMJmB3M0Ow9naY2W2xxoJEK_csXkeuViT_C0_zUhE0UzTVD4HxDTWby0N7CRc601z_6so5Px6vWH3PZTMRhoIwStl4PfnVmLsy6zZLijpG_u4LCCJsq6CnvXnmKStvlI9LrnobQzZBYX_L4d12LZzpbcwTUl3ak_x1VmsTXGGzFVwQOy7c51W0LWr3L8nhv7Rz8eUWxDYAAPE4-7NiVSqsK-0Si36365lfUgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=W4SJ5p6apmo&uach_m=[UACH]&cid=CAQSKQBpAlJWn1WQNpqNVBmyu3cKx-lNBxGaK0Ht218pE1M9FSCWbCyOPj8oGAE&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.va.us.criteo.com/google/auction/ Frame 3A3C	0 126 B	100ms 33ms	Image text/plain	2620:100:a001::3 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF836RMYFsgHiIp0XAgAAAIHwBbb3yQw3EK2svWTO0gNriY0ZhP8_AAASAAAKCkFRVURDZ0VQQ2c&wp=ZL2srQAJ78UFKNMXAANAL1ZjmMz9_9MSmeQpdg&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&h=178&slotname=2609168587&adk=1374432671&adf=4036610663&pi=t.ma~as.2609168587&w=710&fwrn=4&lmt=1690152109&rafmt=11&format=710x178&url=https%3A%2F%2Fwww.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690152109199&bpp=10&bdt=2334&idt=277&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4611190033106&frm=20&pv=2&ga_vid=1167766464.1690152109&ga_sid=1690152109&ga_hid=1961258191&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076087%2C42531706%2C44788441%2C44797784&oid=2&pvsid=4066533587057257&tmod=1604677241&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5ut2MxHbOz&p=https%3A//www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 161493 server Kestrel content-length 0
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame BDEF	2 KB 1 KB	45ms 44ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame BDEF	2 KB 1 KB	47ms 46ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame BDEF	308 B 636 B	60ms 29ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame BDEF	293 B 621 B	63ms 32ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 17 Jul 2024 22:41:53 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame BDEF	2 KB 1 KB	173ms 33ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 08:57:29 GMT Server UploadServer ETag "0a227e506cc4cb4f9940be0b4f6d5c1e" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=86400,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 925 Expires Wed, 12 Jul 2023 08:57:55 GMT
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame BDEF	8 KB 4 KB	174ms 33ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 005b888fe4472e6243d74f7a7ffc92dc1ad096e9c804f77b061a1ea1fc57403a Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 10:45:50 GMT Server UploadServer ETag "408da7fec113d9180ca8c3f8cc59bbea" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=900,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 3389 Expires Thu, 20 Jul 2023 11:01:12 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame BDEF	43 B 347 B	69ms 40ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Eouxx8al2szQIPBKfCmByVFNlJoF8lxG0MJncS3g0K37bgJJLx-AdhYVsWxZTw8Pkh_B-JpWqDdXl4VBSrrpMw8Dfg06d8fEO7dSISyB_QMm8Bedd08Cw5hMVU2Z8ySSpif_BQG2gv_a-Ln8zapk8R-P7tE_ZSIhRW5IBR_u3xB7kucYITFZBfAdOORdC5KfTc2ZtBQT-Z_2-QEg2FgoQEGjNHnu6i9B9MtvCLeXLvx-Wv_0qibbN8Ds4XSMJNeJdmmZgriASZbHihM_m480pFDnFbCsAchdAmzZs3wp_GDGtSijTe2SS-7RJLyiRebPydL6cQeXoopBx89oreM0CKzxzvZ_i3A15F-qhevmPv4HkJwOoCvQvLwCm-5DBgL5QDPne0fBX4rS-sm8kwMuMyWRU2XCvNxHE9C99nH-M6yezmZAXLjahkeYFK2RRgiA5F-4-w Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2733674 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ d.agkn.com/pixel/8538/ Frame BDEF	43 B 562 B	248ms 63ms	Image image/gif	2600:9000:21da:1400:19:fc2c:a140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/8538/?che=64bdacb0b57359311642e59c2f8c83af&col=308271,0,0,0,11120203,64bdacb0b57359311642e59c2f8c83af Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:1400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT via 1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-C1 x-cache Miss from cloudfront p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type image/gif cache-control no-cache, must-revalidate content-length 43 x-amz-cf-id HejCT-_XwtcABjMhDxggF6WpjzJ_wKSTq4b4qBsS1BgzmuTn4glmGA== expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf... ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame BDEF Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_ch... https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f...	42 B 235 B	57ms 55ms	Image image/gif	142.251.40.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=? Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Server 142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CN-v6qLzpYADFXoXiAkdorYMAg;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=64bdacb0b57359311642e59c2f8c83af;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	pixel.gif tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame BDEF	35 B 390 B	221ms 41ms	Image image/gif	34.193.152.182 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=8873202347851648892&crid=308271&device_id=&cachebuster=64bdacb0b57359311642e59c2f8c83af&gdpr=0&gdpr_consent=&gdpr_pd= Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.152.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-152-182.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Strict-Transport-Security max-age=604800 Server nginx/1.20.0 Connection keep-alive Content-Length 35 Content-Type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame D8C0 Redirect Chain https://px.owneriq.net/ecmg?google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_cver=1&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&go...	170 B 188 B	80ms 71ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 23 Jul 2023 22:41:53 GMT Server Apache/2.4.6 (CentOS) X-Powered-By PHP/7.3.33 Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AaAOQGFwy9j7xrH5McFuNKcffadGMgQYLGh39ddOgBkCHlTHGRdabb4kzNPfJkmpn3M5AYLB5JauZlrLfk0k95QWnJ_fPx8Fk4NBnuc&google_cver=1&google_gid=CAESENnBL5YoBEPnHVbWLVB99Fs&google_hm=UTc0MzQzODUxMzEyMjU5NDU3NjVQ Content-Type text/html Cache-Control max-age=29616 Connection keep-alive Content-Length 154
GET H3	200	pixel cm.g.doubleclick.net/ Frame D8C0 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEL-ilPYYEPll6MiHuJXurE&google_cver=1&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4	170 B 188 B	79ms 70ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 23 Jul 2023 22:41:53 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 306B8BBC28CC4CCDBC8961DF9AA1832F Ref B: EWR311000102037 Ref C: 2023-07-23T22:41:53Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFKa82a2ngg8Pf1Z2Iow-nPglWv0gJjWTSxzt5wjN-Sy86iB2qoB6Cj0iaWnjsGABY2nlFrQ67-zB8OQdDMSAN8aCCrPsjkTY4 x-li-proto http/2 content-length 0 x-li-uuid AAYBLzRY1V5kUzgB90uTjA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame D8C0 Redirect Chain https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=... https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv...	170 B 188 B	116ms 72ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Zjc4N2IzODEtYTBkNy00YmExLWE3NDItNTczYzU0YTA1ZmI2&google_gid=CAESEOMEbAOUjO0a8farYEG7vLo&google_cver=1&google_push=AaAOQGHv_4CYUOioe83mu-RwvRIrcDskjBZ5jWkjFR0v80wOK3jEAouJluKxb67OHAB4taK16PVT1KOF40szrOPf9E7l2Tao5VcxxVQ date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 200	asr aid.send.microad.jp/g/ Frame D8C0	43 B 641 B	542ms 177ms	Image image/gif	202.233.84.1 MICROAD MicroAd
General Check archive.org Show headers Download Go to Show image Full URL https://aid.send.microad.jp/g/asr?google_gid=CAESEFYOTeDGq9yXZvZnfRbA-Ls&google_cver=1&google_push=AaAOQGE35QDJ6gubNNxI1o1owcZjI5KahAF1Rls7Ej-3azD9XHkjMMWrh8MxdnNRhwG6MY1GWTgirS6IbJ6gKSz6e3mWpquDRqz4sA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=3600 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Strict-Transport-Security max-age=3600 Server Apache P3P policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE" Access-Control-Allow-Origin * Content-Type image/gif Connection close Access-Control-Allow-Headers origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control Content-Length 43
GET H3	200	pixel cm.g.doubleclick.net/ Frame D8C0 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDC... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHm9KJVjBFwwd1cDqMilngI&google_cver=1&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaG...	170 B 188 B	51ms 49ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0NzcwNTQ2NzU3OTQ1NTA0Mw&google_push=AaAOQGEegt4wRflgR4RcEcCJ4DdXiKR-f-lo4fVBByK5pTHzqfr5vbg5mWy5EUIZDVhzpEV6ai4VaGDCQbdcDJkH_cTapvK6d8gy_J4 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame D8C0 Redirect Chain https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMmCFcFgWtVzsT-xscRuHq0&google_cver=1&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yj... https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoH...	170 B 188 B	118ms 73ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=h3r3HcumL0-cy2u62u4oGQ&google_push=AaAOQGGEuPjsG2vXCRp7b5855e4Lr355RIpAY87uXl1sfuDd4V_T75kwlXm1VD_7mrL_Z0YlKjIPJpoKnYFb1yjUz48HT0JoHyr1K7wf Date Sun, 23 Jul 2023 22:41:53 GMT Server Kestrel Connection keep-alive Content-Length 0
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame D8C0 Redirect Chain https://an.yandex.ru/mapuid/google/CAESEAZ4L9UawxFOju4NZcxYa84?ext-param=AaAOQGEe-utf3PiT-_dtWYjR-UwDKpLKWdatlB2CNICfNwM7FXqj6npXEoMbTeNZm3_dzO1STnLjKEIN_2_uw-7mU2hXOlUXWe8Zj_aq&partner-tag=yandex_... https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAZ4L9UawxFOju4NZcxYa84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 144 B	547ms 546ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 18 Apr 2001 10:28:03 GMT content-type image/gif p3p CP="NOI DEVa TAIa OUR BUS UNI STA" timing-allow-origin * x-xss-protection 1; mode=block expires Sun, 07 Jul 2024 22:41:53 GMT Redirect headers pragma no-cache date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://an.yandex.ru/resource/spacer.gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame D8C0	0 12 B	95ms 84ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSJNAW1iiRd_JPfrqiEhqtAZfDu9Io8OwzGR7ygc-_darBWiW4m7-j5RRnauMFehYtSh77PhM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	e2c08cd2728154352bf5.js Show response yastatic.net/partner-code-bundles/811264/	9 KB 4 KB	177ms 91ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/811264/e2c08cd2728154352bf5.js Requested by Host: yastatic.net URL: https://yastatic.net/pcode/adfox/loader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 0d460489737c3312aa807a8d4b33a94be0cb741636f03c4f412ee51cdbb36710 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Origin https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 3556 last-modified Fri, 21 Jul 2023 12:54:35 GMT server nginx/1.17.9 etag "2dc0dfc284af1b6b8160d07387c705aa" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Wed, 23 Jul 2053 05:13:48 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 81BD	0 19 B	87ms 57ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C-UzQray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvQJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209eJX_9W5HoVPzVdF2Qk0NXRpYGJwA3RQeMPeBX7r0Xa8j_4lut4AGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjE4NTkyMjA1MDgzNzgwGAA&sigh=JOyb6traGYE&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 23 Jul 2023 22:41:53 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.va.us.criteo.com/google/auction/ Frame 81BD	0 125 B	69ms 35ms	Image text/plain	2620:100:a001::3 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF836RO0HfOIinRcCAAAA7heiWihsFucQray9ZFMleoOoPjB1bb4AABIAAAoKQVFVQkNnRUJDZw&wp=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 238109 server Kestrel content-length 0
GET H/1.1	200 OK	dvbs_src_internal119.js Show response cdn.doubleverify.com/ Frame 593D	57 KB 19 KB	40ms 34ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal119.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 08:57:31 GMT Server UploadServer ETag "4455786dc20506b8e54048c7119b5c5f" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=946080000,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 18798 Expires Thu, 11 Jul 2024 06:00:11 GMT
GET H/1.1	200 OK	dvbs_src_internal119.js Show response cdn.doubleverify.com/ Frame BDEF	57 KB 19 KB	39ms 31ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal119.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=200x600 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 08:57:31 GMT Server UploadServer ETag "4455786dc20506b8e54048c7119b5c5f" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=946080000,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 18798 Expires Thu, 11 Jul 2024 06:00:11 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 593D	8 KB 4 KB	206ms 53ms	Script text/javascript	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_293066219937&jsTagObjCallback=__tagObject_callback_293066219937&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=293066219937&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=7.90&callbackName=__verify_callback_293066219937 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e69153479efcb5c4e0e558ea23d131762e0782384204a98f6c2dcb2bd085606b Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 07/22/2023 22:41:53
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame BDEF	8 KB 4 KB	207ms 54ms	Script text/javascript	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_649613569838&jsTagObjCallback=__tagObject_callback_649613569838&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=200x600&isdvvid=&uid=649613569838&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=3.60&callbackName=__verify_callback_649613569838 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash 10bafb96087874e079e842e18c8e6d53a31e08254386f6c9f69cc2b9946e075f Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:53 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 07/22/2023 22:41:53
POST H/1.1	204 No Content	bsevent.gif rtbc-ue1.doubleverify.com/ Frame BDEF	0 234 B	331ms 271ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=da0488bd3a5544f7949a05999869c5c8&vfdur=209&cbust=1690152113988839 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:54
POST H/1.1	204 No Content	bsevent.gif rtbc-ue1.doubleverify.com/ Frame BDEF	0 234 B	112ms 51ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=da0488bd3a5544f7949a05999869c5c8&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1690152113997844 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:54
POST H/1.1	204 No Content	bsevent.gif rtbc-ue1.doubleverify.com/ Frame 593D	0 234 B	127ms 43ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=bb36a87f70b94d7baba3b0619bf803fe&vfdur=213&cbust=1690152114000796 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:54
POST H/1.1	204 No Content	bsevent.gif rtbc-ue1.doubleverify.com/ Frame 593D	0 234 B	124ms 42ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=bb36a87f70b94d7baba3b0619bf803fe&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1690152114005538 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal119.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:54
GET H/1.1	200 OK	dv-measurements4309.js Show response cdn.doubleverify.com/ Frame FD3E	408 KB 96 KB	31ms 30ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements4309.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 25d1cde624df137918b7861bc972b4358f954b5b4eb8674e6b2f946cc8e05085 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:54 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 07:20:43 GMT Server UploadServer ETag "b189cf48f6797685f85ca25711b373f6" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=946080900,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 97578 Expires Fri, 19 Jul 2024 07:21:52 GMT
GET H/1.1	200 OK	dv-measurements4309.js Show response cdn.doubleverify.com/ Frame DE2D	408 KB 96 KB	32ms 31ms	Script application/javascript	2600:141b:9000::1725:7bd1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements4309.js Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:141b:9000::1725:7bd1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 25d1cde624df137918b7861bc972b4358f954b5b4eb8674e6b2f946cc8e05085 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Sun, 23 Jul 2023 22:41:54 GMT Content-Encoding gzip Last-Modified Thu, 20 Jul 2023 07:20:43 GMT Server UploadServer ETag "b189cf48f6797685f85ca25711b373f6" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=946080900,no-transform Connection keep-alive Accept-Ranges bytes Content-Length 97578 Expires Fri, 19 Jul 2024 07:21:52 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BDEF	12 KB 5 KB	100ms 35ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1404656 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4420 last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzCwYcM%2B8GbfUNfv0E9%2Fp0KovNB6cjsIoAisWDsJ5XLPzn%2F%2BpJVWbPS1w6RSJkZ%2B0Wb5542gq5lRHfgOS7lWs6INPC0vuXNpk%2BoVeS3HfNzKIvWOF38tJSCgRtQDlpEx0xm0iwRm9UMviRn8N0TolveJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7eb76ef9beb04bbd-BUF expires Fri, 12 Jul 2024 22:41:54 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame BDEF	12 KB 6 KB	35ms 34ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 593D	12 KB 5 KB	69ms 37ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1404656 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4420 last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU1VgP5v8dRfjPHscKD%2Fd%2FMx%2BPlJ8zpkM6uv3qQpTasIQTIuGjET7F1sA0mq%2Fg0q8ya0Jv1Rcy%2FzFMYoz%2BVqN8pqRnc9lrzNf7sV1oZGI524eIOBteFh971MHSi1h9Abzso2CuHJQqriINPZ%2FRDLB83K"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7eb76ef9beb14bbd-BUF expires Fri, 12 Jul 2024 22:41:54 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 593D	12 KB 6 KB	34ms 33ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
POST H2	200	all csm.us.criteo.net/ Frame BDEF	0 127 B	30ms 29ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame BDEF	2 KB 1 KB	31ms 31ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame BDEF	2 KB 1 KB	31ms 31ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame FD3E	8 KB 4 KB	190ms 54ms	Script text/javascript	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=189&ttfrms=31&brid=3&brver=115.0.5790.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=287&ddur=243&uid=1690152114232925&jsCallback=dvCallback_1690152114232307&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4309&tgjsver=4309&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A%26u%3D%257CSjDzQLoKHiu%252FHvtcMH2GIp%252BUpmMJy17Qx3YskfURbe4%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&sdf=2&dvp_epl=338&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=31086952815.440697&dvp_tukv=811411757143.6578&dvp_strhd=0.6999969482421875&dvpx_strhd=0.6999969482421875&dvp_tuid=1101485266467&jurtd=756585710 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements4309.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash a83dc47ccbe8f2760dff8f6c479a1f2e96aae96a95b1b4bf84420b7667f7fc51 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Content-Encoding br Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 07/22/2023 22:41:54
POST H2	200	all csm.us.criteo.net/ Frame 593D	0 127 B	30ms 29ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 593D	2 KB 1 KB	31ms 31ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 593D	2 KB 1 KB	33ms 32ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame DE2D	8 KB 4 KB	60ms 59ms	Script text/javascript	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=381&ttfrms=7&brid=3&brver=115.0.5790.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA2J%5DD36C%5DA2J%5DB35%3CK%3D8%3FC%3A5fAh9%5D%3D%3BF5%3A%5C%3A%5C%3F6%3D%3BF5%3A%5C%60%5D3%40%40%3C%3EAb%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=230&ddur=324&uid=1690152114450813&jsCallback=dvCallback_1690152114450680&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4309&tgjsver=4309&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA%26u%3D%257CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%2526client%253Dca-pub-1618592205083780%2526adurl%253D&fcifrms=7&brh=2&sdf=2&dvp_epl=338&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=175886643736.8782&dvp_tukv=787431891631.3666&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=365363788004&jurtd=480677147 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements4309.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash 18e922d5e65c37773c39bf8fe2b7241a0ee8cb9ae2c1b891cbb7363940912c9a Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Sun, 23 Jul 2023 22:41:54 GMT Content-Encoding br Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 07/22/2023 22:41:54
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 81BD	42 B 64 B	94ms 40ms	Fetch image/gif	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNYvksJmiXZoSPEVaeBOYD69NoWE8ZOYrSe6TPu9dA0oRiz8R7LPYS9JszseDVr_ZYsOO6L-O1U9WKwy838YL_-tI&sig=Cg0ArKJSzIzqXFz3DuNvEAE&id=lidar2&mcvt=1028&p=0,0,124,1005&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110758&rpt=2581&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:54 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	roboto-400.css static.criteo.net/design/googlefont/roboto/ Frame BDEF	2 KB 842 B	35ms 34ms	Stylesheet text/css	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-400.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:19 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13b-807" content-type text/css access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	roboto-700.css static.criteo.net/design/googlefont/roboto/ Frame BDEF	2 KB 841 B	31ms 31ms	Stylesheet text/css	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-700.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13d-807" content-type text/css access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	roboto-400.css static.criteo.net/design/googlefont/roboto/ Frame 593D	2 KB 842 B	32ms 32ms	Stylesheet text/css	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-400.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:19 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13b-807" content-type text/css access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	roboto-700.css static.criteo.net/design/googlefont/roboto/ Frame 593D	2 KB 841 B	31ms 30ms	Stylesheet text/css	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-700.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13d-807" content-type text/css access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
POST H2	200	all csm.us.criteo.net/ Frame 9491	0 127 B	30ms 29ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET DATA	200 OK	truncated / Frame 0D73	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bbe351679bb1214f0a905b6917307f4b904c878fcfb3f616a45b6ea4f780e542 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 0AA1	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 148306c7440d0c88235d2a36e06d26e108706c73c5180ffc5c27767c0ecff9bc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	roboto-400-latin.woff2 static.criteo.net/design/googlefont/roboto/ Frame 593D	15 KB 16 KB	173ms 87ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2 Requested by Host: static.criteo.net URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://static.criteo.net/design/googlefont/roboto/roboto-400.css Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:19 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13b-3d80" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	roboto-700-latin.woff2 static.criteo.net/design/googlefont/roboto/ Frame 593D	15 KB 16 KB	138ms 57ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2 Requested by Host: static.criteo.net URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://static.criteo.net/design/googlefont/roboto/roboto-700.css Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13d-3df4" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	roboto-400-latin.woff2 static.criteo.net/design/googlefont/roboto/ Frame BDEF	15 KB 16 KB	171ms 100ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2 Requested by Host: static.criteo.net URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://static.criteo.net/design/googlefont/roboto/roboto-400.css Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:19 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13b-3d80" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 0D73	0 19 B	60ms 58ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CG4Owray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvAJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLiDICKQBsyHlEc7Zo-z5H8P0nD9SretioAvcRh1xkAQSCMINft2gAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=pqv7KEeC02w&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 23 Jul 2023 22:41:54 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.va.us.criteo.com/google/auction/ Frame 0D73	0 125 B	44ms 43ms	Image text/plain	2620:100:a001::3 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEK2svWTahHa29dnqLmiYAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&cbvp=2 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 201040 server Kestrel content-length 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 0AA1	0 19 B	54ms 53ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C5hKMray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvAJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6na-frKmLYBORGmE4Fgb4-FopTwk9KVhab78nAB1Eu7amp5vTREwgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE2MTg1OTIyMDUwODM3ODAYAA&sigh=b8TXrZz6CHo&uach_m=[UACH]&cid=CAQSKQBpAlJWMthJeT9JtQ5pU0QMu1TEkrru-a8Z3Moq8nTyiAFPHOo9zzU1GAE&cbvp=2&vis=1 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 23 Jul 2023 22:41:54 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.va.us.criteo.com/google/auction/ Frame 0AA1	0 125 B	39ms 38ms	Image text/plain	2620:100:a001::3 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RMgB2ATiIp0XAgAAAO4XoloobBbnEK2svWSM1eo18x8vB_jrAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&cbvp=2 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 148260 server Kestrel content-length 0
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	14 KB 14 KB	42ms 37ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 13926 expires Fri, 14 Jun 2024 10:31:40 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	7 KB 7 KB	34ms 29ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6906 expires Thu, 17 Aug 2023 12:40:31 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	10 KB 10 KB	40ms 35ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F21482528_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qhvrsrHnuFGlQe38RRMRlAsa&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash bd044d5d04e34d2efb6be2be6e845985b11ce3303367bf3d79ed975e32272aae Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10288 expires Sun, 20 Aug 2023 22:16:53 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	11 KB 11 KB	38ms 34ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 11224 expires Tue, 22 Aug 2023 22:05:46 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	4 KB 4 KB	42ms 38ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 4226 expires Sun, 30 Jul 2023 21:30:43 GMT
GET H2	200	roboto-700-latin.woff2 static.criteo.net/design/googlefont/roboto/ Frame BDEF	15 KB 16 KB	83ms 80ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2 Requested by Host: static.criteo.net URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://static.criteo.net/design/googlefont/roboto/roboto-700.css Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:14:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391f13d-3df4" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 17 Jul 2024 22:41:54 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	14 KB 14 KB	35ms 34ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 13926 expires Fri, 14 Jun 2024 10:31:40 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	11 KB 11 KB	39ms 38ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 11224 expires Tue, 22 Aug 2023 22:05:46 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	36ms 35ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6906 expires Thu, 17 Aug 2023 12:40:31 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	4 KB 4 KB	38ms 37ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 4226 expires Sun, 30 Jul 2023 21:30:43 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	37ms 35ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F23841487_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=OTgLzT0Jl-blShNP6aFjnxbG&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 9438ca134237017af2c8f2d0dbec0b4356f91a132012e4e84b90af46c06e40eb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 7238 expires Fri, 28 Jul 2023 15:55:38 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	10 KB 11 KB	52ms 50ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F23262174_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ZCM4sOz0yGThQL1BiNao-4SM&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 3febb8c27ef11a929cb1c9b415b7f2925b51df7928586ec43d7a159aab79d1ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10624 expires Mon, 21 Aug 2023 15:32:26 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	43ms 41ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21482503_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=AXcMBr8P4-6ou7P3yVa-9Q4D&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 77b6ad8c0fbf8c433d3c9e5cb823a80090aabd47e193a7e4418bc451c7609625 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 7154 expires Mon, 21 Aug 2023 22:08:13 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	11 KB 11 KB	53ms 51ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F21260604_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=90ZPFloAdevTwEgc0Ym9i1M2&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 7adec4c1dd4500fa546f0f471ee5fcbfb7f49482960c869b71bf37ec73ba2af4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10904 expires Sat, 05 Aug 2023 14:56:32 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	53ms 52ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F16312711_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=FUtOhn31Lu6WLgf6vHWsu7a3&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 71ad818ca37820c1f65289f53d9f1828a3a642c6c5978eb369ee060e9f96dd37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6704 expires Sun, 06 Aug 2023 17:35:53 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	13 KB 13 KB	53ms 52ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24264088_fpx.tif&v=3&w=400&s=3KOeklVjo-Wtfnbbm7nv5Jth&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 3badbe5c7308e83a5f747369448a8efeed8ffd56060aabf6ab2abbd0eeb31874 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 13142 expires Sat, 05 Aug 2023 01:05:28 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	7 KB 7 KB	34ms 31ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6906 expires Thu, 17 Aug 2023 12:40:31 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	11 KB 11 KB	37ms 34ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 11224 expires Tue, 22 Aug 2023 22:05:46 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	10 KB 10 KB	53ms 51ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F21482528_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qhvrsrHnuFGlQe38RRMRlAsa&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash bd044d5d04e34d2efb6be2be6e845985b11ce3303367bf3d79ed975e32272aae Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:53 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10288 expires Sun, 20 Aug 2023 22:16:53 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	14 KB 14 KB	42ms 40ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 13926 expires Fri, 14 Jun 2024 10:31:40 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame 593D	4 KB 4 KB	40ms 38ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 4226 expires Sun, 30 Jul 2023 21:30:43 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	14 KB 14 KB	108ms 38ms	Image image/png	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?h=116&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F8c1dc954a40b4ba6bf9d28818e0b82cc_logo_lightbg_horizontal.png&v=3&w=396&s=X8_VG4rw2TlgF1In33pt0rZY Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 6ea37145f65756859d6a4d4f351fce85677e43074c96f84e3ccb93b5335ca7ea Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 13926 expires Fri, 14 Jun 2024 10:31:40 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	99ms 32ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F22836110_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=5FNyZAG1mauptswHoMi4RdK_&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2e87a65f56694808d00b76fc8d3be759f8d64845ceac88782b9e6d4acdcf19b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6906 expires Thu, 17 Aug 2023 12:40:31 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	4 KB 4 KB	108ms 42ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21740825_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WdY35Cz7rMdMu5doyU-nwSo5&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4c57dd44d9c4a654356760f7b811aaa632397e6f99e4045745b1b057333a1764 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 4226 expires Sun, 30 Jul 2023 21:30:43 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	11 KB 11 KB	91ms 25ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F23841260_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UrjBVunAM56WmCCCgxSqQMda&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash feecc2e61ad7153f4a43d4b2c461310a4ac9571727721e9899807a013ca8049d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 11224 expires Tue, 22 Aug 2023 22:05:46 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	110ms 45ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F23841487_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=OTgLzT0Jl-blShNP6aFjnxbG&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 9438ca134237017af2c8f2d0dbec0b4356f91a132012e4e84b90af46c06e40eb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 7238 expires Fri, 28 Jul 2023 15:55:38 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	105ms 41ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21482503_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=AXcMBr8P4-6ou7P3yVa-9Q4D&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 77b6ad8c0fbf8c433d3c9e5cb823a80090aabd47e193a7e4418bc451c7609625 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 7154 expires Mon, 21 Aug 2023 22:08:13 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	10 KB 11 KB	99ms 35ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F23262174_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ZCM4sOz0yGThQL1BiNao-4SM&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 3febb8c27ef11a929cb1c9b415b7f2925b51df7928586ec43d7a159aab79d1ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10624 expires Mon, 21 Aug 2023 15:32:26 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	11 KB 11 KB	90ms 32ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F21260604_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=90ZPFloAdevTwEgc0Ym9i1M2&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 7adec4c1dd4500fa546f0f471ee5fcbfb7f49482960c869b71bf37ec73ba2af4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 10904 expires Sat, 05 Aug 2023 14:56:32 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	7 KB 7 KB	101ms 43ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F16312711_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=FUtOhn31Lu6WLgf6vHWsu7a3&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 71ad818ca37820c1f65289f53d9f1828a3a642c6c5978eb369ee060e9f96dd37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 6704 expires Sun, 06 Aug 2023 17:35:53 GMT
GET H2	200	img imageproxy.us.criteo.net/img/ Frame BDEF	13 KB 13 KB	72ms 43ms	Image image/webp	2620:100:a001::9 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24264088_fpx.tif&v=3&w=400&s=3KOeklVjo-Wtfnbbm7nv5Jth&b=400 Requested by Host: www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru URL: https://www.pay.sber.pay.qbdkzlgnrid7p9h.ljudi-i-neljudi-1.bookmp3.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 3badbe5c7308e83a5f747369448a8efeed8ffd56060aabf6ab2abbd0eeb31874 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 23 Jul 2023 22:41:54 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 content-length 13142 expires Sat, 05 Aug 2023 01:05:28 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0AA1	42 B 64 B	40ms 39ms	Fetch image/gif	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssa_wn1ltmUnj-jL0xYRQJfB682ixUXMEwafIsrXrANUld5LHF8aX-8UB9ZtNcQUhdDAo9mZ2vLm6s0LPHv7TwMnGU&sig=Cg0ArKJSzIJjo269ajqZEAE&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110788&rpt=2762&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:55 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0D73	42 B 64 B	42ms 41ms	Fetch image/gif	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5LAuBgA9uhkdMeCdkQ8oLdebhTKg8kowHgoOvWO4h8q994K9Q8NoqLT4_L17UOx_2DxDIGQ--qJ_yEavBdp3Vr1Q&sig=Cg0ArKJSzB4IjnWSAWU5EAE&id=lidar2&mcvt=1005&p=0,0,600,200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690152110781&rpt=2628&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jul 2023 22:41:55 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.us.criteo.net/ Frame 593D	0 127 B	31ms 30ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:55 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
POST H2	200	all csm.us.criteo.net/ Frame BDEF	0 127 B	29ms 29ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=AGQ5Ik5XRp0-3kmAmD1hOfkZarC76cmtbcIu6bIuJR8BRGoBjKBsUph6a5IVcyZesgQrtm-XVwrbTq_EVEa8n8F0dYQu4I4lTZe70M0Nsu6bwBjVh3JI6w2RePkJ9cpMjHSXaNQwslP9wD7n941OpW1jERnuFY30gOFBsUQ1L2P5IM0qSCyLBWTfYdLTPmT_2wjSMrv6DRRmsRABvCWW44do7FEGLTZ5yyoxBTUOtR5efycvkr86jXTxMcZ5c9N1o9MgAw&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5UFKNxNAApLxfHDqOKPtAWOCWnI1A&u=%7CSjDzQLoKHiu%2FHvtcMH2GIp%2BUpmMJy17Qx3YskfURbe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv8woe_caJE_VUAicvkuo4T4WuabUPEUl3LeKzAq_pgTek-KblTtvdwbtUm5EnXa_EpKX7NBZFrgFRvbSDW4ZgPknzANXSqeQhVssTmp8HPODGB1YTUM_VRwYXAIRWcjPZOTJFCJALJpKAHkBLr0hJzP-B30IwWo5-uNkZIvIHSaSptMNoUlkrRgcLTwYixLsmHLvbQxaFohAZ9WbsD3ThQhk-R0I1TYADCvCl2Emijc6nzVZpR9zseC1MNkKBFCnrFZu6w2WLMssbU8yy1bjtK01D1BMNmZ-Gjvd-7S6T3kNU_kbOLEJ-kdFZ5tTbBqvKXiFDa5DJyZpo-PVwS7B2UtBpLiQwF6vm3UeV1EjZgEeGiecYADMA8ZleWdXtAPhnbakoTywcrtpzCeiKBKk1nLUoxfk3n7gejjSaHw9MmxuwszorHbqyoajrZeD_rpmeOxLKttZyS5Q1uaOuxC2wnGCwiOMdyYgPz21o3LqitUOQvKn1jfgVT4ZOEHVmXqRlAEq4TiIGM9IM_q774lwakA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRBCtray9ZJWPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0BTlMUhuBlZKl-3E-7xxCFSS3ePazj0-EdIxKbBm8DEMcJjoXroi8Wts3wSpE1XTNqlviiuDGx2SvmOfKCOuHOm17zhTptml28Ee_H5Voy4u4m1bKvUKkBtkZiAGysySEEzOi52z7tKzrpwIU349b1rJx2ZLREfgKtv8c_gnSnzmT76IbxuG_QrykK_fNVA_jrnxHRWbTB7wmOMeZmntIOT1w-3jyUJpYS8VNs85R0cYARVgiUkVA9B_Zg1ZgtgoWZy4ug94OTs6LxpBfOiEye4p66prgGH7WGa7xIthICvcFxEGxSD_cz-mhH0uQFPYVk2K_nY2p8l9vwHlL7CFwGk1402N3u38W22N0kEr39k-N2Bz6nb8fJI0hnLHRKoNjdTwmWirEgAM_Yt5rSUP5om8rPD2gje53BHzFctIgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3uvvs6CwprmmrFVVTiB1hl4mqEuA%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:55 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
POST H/1.1	204 No Content	event.png tpsc-ue1.doubleverify.com/ Frame FD3E	0 234 B	129ms 43ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tpsc-ue1.doubleverify.com/event.png?impid=6cba8030bba246789e4aa1d9b76c8d78&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&vdur=192&eoid=16&te_exec=0&msrjs=4309&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&tagsrv=1&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=243&tetms=22&msltms=61&vltms=192&sei=289&vetms=210&tuviims=221&tuviems=624&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=262408&msrcannum=3&ee_dp_tmads=2536&ismms=1051&isumms=1050&nvr=6&elmtp=3&isbxdms=2455&b0=100&b11=1428&adhgt=600&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=1528&sftb=1528&msrdp=2&naral=262144&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2050&isuiabvms=2050&ispmxpms=2050&engalms=1049&dvp_dpr=1&vstsz=4440&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3431&cbust=1690152117636247 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements4309.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:57 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:57
POST H/1.1	204 No Content	event.png tpsc-ue1.doubleverify.com/ Frame DE2D	0 234 B	135ms 45ms	Ping text/plain	34.117.228.201 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tpsc-ue1.doubleverify.com/event.png?impid=4ee2f4277b0440d79b61e85af618dd75&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_adlst=2&vdur=61&eoid=16&te_exec=0&msrjs=4309&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&tagsrv=1&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=324&tetms=23&msltms=64&vltms=61&sei=289&vetms=140&tuviims=388&tuviems=589&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ee_dp_tmads=2319&ismms=1027&isumms=1026&nvr=6&elmtp=3&isbxdms=2230&b0=100&b11=1210&adhgt=600&adwdth=200&vsos=6&dvp_vsosnmr=16&lftb=1310&sftb=1310&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2032&isuiabvms=2032&ispmxpms=2032&engalms=1025&dvp_dpr=1&vstsz=4440&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3206&cbust=1690152117650926 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements4309.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 201.228.117.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Sun, 23 Jul 2023 22:41:57 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 07/22/2023 22:41:57
POST H2	200	all csm.us.criteo.net/ Frame 9491	0 127 B	33ms 32ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=HoAmOk5XRp0-3kmAyEdEJfldQe1I7gDBQ2iost85VJsmTqsd8on-ErQUXEE9ScSWMFc1gnnuFJIElaJbPYvhskG2mLJWkapV4UTseBUQa5uvACQD0BctwwJH8B7sk6c7iHwfmH_C311kcGTpU_aj97XaEWb5mqWkHfzgVHpJ5QawM4gon-kCPQs-UTc8Z7gxZgXgGMzEpUnGNYJQh-P06Vsy3Bn_BrDWiwzDyO4g-mgBANO4jo3HqlQ3j1ofh79aSjXW2g&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5MFKNxNAApLxecTK0pZheyfuCsMLA&u=%7CSjDzQLoKHiu4kmQHvxRrWwMUKlM6G4NxYLF2hNe%2BUPk%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78rklu3251mk0mb-RBzl6Q37qy_PLxz4NWIjSKjEB-Fx3Nu_gFFVO2d9LWvxlGa_DhrYjaZ_D82_b8Aa1j51kug1stgh2UZ_gWNCL5M_7hv5ju_cNRxqG79p6gpspd9qL_HVb-GRbHUwQKwvfqa52vnLW6gKDTHCpgssUK_Dsg0k9uMtB57Pqm1iSSU3G274xWToN3Sl9mPGDQV80lHr7QgiqdSHW_n8MfWenyNBRThsT4bi_gIesGNF3TS9cZbyeDc79EF5Gk03OP_w0q2zRRz9Tpt_WbySnJu_S_604-Ryj6QfuEtQgBsJOWJWaBTXkZap22GShSWQ-CyTyKZvHeBFafVMQmk-mRPrDi6-edMs72TMMJJLJFDSf9x4AmCT7fJk1Ykh6c7V9mVPbHfeK5GDD5nUtVfjLLhsEMq9GY2YwVV0BxkLf67Ypwlx9bsiyOxUgwD0wM3glJQLZqc0Edrr-wCIcCdjcR9IOZy8vq-WgyO6DQUbyXaYhOT0k_QzxPOiMnr58phNRRqsXXz62bRDWqrSjusSO90M0LK-tZ1_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7Xfxray9ZJOPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEwAJP0FAxIDHQjn_OBE-waXHWgdm9cDx1gpdhaORFdoeTQvT7VAqzHi2bUZyRKhcZ2Q3hgiPyobMaLo-4rnHj4fqkOkfr78_GeVtYaqdrbdtI2FbgkAqz6iIrxQQzX8Uc_pHuOKZ0apei0yhNrh7uy0CumKKXeio7ZBeijXTn3RxjqHtQiIUC1Wmjlej6l3u_tL0UWLLuuivIA6Z_9TBVmnnS753vbelclmM3zsd-gAqCvhkEfc2A0Nd3TIb0IwK0KwpmQkcWFtglRKzyubSXl80UyB6iYHNhvNfZniCuaOrxW1BXpakphD8Dp59z1kSELQNCVjz4QzUr5dqY4fkTKxIVpyd9jdSEX5UDokOD1K0DjrDUkCDqD209OpffZ8W1KFMw3Lz6qTeEnq1kMJUuxdCFw40IlgTqcbeKKRhudKQjFoAGycf9-t347pIXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1GC3B3Kw-TOK45YC_aPQWf5tT8bw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:41:59 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
POST H2	200	all csm.us.criteo.net/ Frame 593D	0 127 B	37ms 36ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=KpzLkU5XRp0-3kmA9spnG-_H7VScIidpARH0Rte5zRtKdh3oeGV6KF2MoUjaAULAdSuzgPy37GxMjKCiIXCNKZJ9gf_-cpf8a8jhKsmTYAdwzD6kGIiOg9vESKWxAZkK8ygSghpyFUerU4RrZcY56f2CBYPivqvA1wQFhd50gbyIpy71j7RBa1bw3c2mmOiAHwDRFvGbIE1f862typX9JVg6k3LFJQLzAl-h7ddC9FU_1a5al5bs92z7PueqSXogS9OKUxfT6qEEuTpG&sds=2&rev=87574&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZL2srQAMh5QFKNxNAApLxcfAYaMUBXzK6NraFA&u=%7CSjDzQLoKHiuKzFT8OZYMKpD6EKoZ1VzCRIJX3j2d7Wc%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1HMzS-TeU714S-nq1rRL_p8_BO_I_jNv2s2u2dplnKJtVkuzLzx_KV4fN7d1ufgtaTz-Ku7eGDRd5R4EKT3I_GMMLHiGjs_TodfHlURqc7LuTzRQ3slKmZ8DQsjiL3h8nvC3T8_zTZRKLvKkEdkqcXGwMnqvz2sVffV3WjPpV1OBSwIZsXQH_mMosLJ_qqzNf7Y2Nu5kXXCAvvVSBIlPk29qGnS03mwSFnVv5ZvqXWsJdm3P618DjbVnDITmANU-LplsDG30tWNuJtdi5wqmAKJIGSWluPZQ7MQQf-pKq4ymOx5DU1AtOlNXDmvT4i0gU2TZMCuMqRZE5LNMyWdyy0VCnvrcyMG_Msvv1rQu00Ei66O_JGo0N89btVJEU3zQSQ-QnD1rXVND9y6CDelEXPBU8Kgs2xgddtTqq_lmYouufidv_dF0CPFbwOVChR-g2OuNsWgFIuVGoz5qkEx2CwfYQXxwNolP-DadjGuIbRFtFIApZbcrhsU-ncXpTHeu6WPz4YuB5gt5E04owbleLtAF66UB4jJeT0VhlEFT_Xf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHBghray9ZJSPMs24o9kPxZep-Aacge-wXKqbqap0wI23ARABIABgoQKCARdjYS1wdWItMTYxODU5MjIwNTA4Mzc4MMgBCagDAcgDAqoEvwJP0AiGg0LW9IZGpNTTCpmHAISEqvNmnc8TM3xu6WmZHgq1Qqquh2H71cg6mgmwOlYpzeOhssMf61DChKa3xtFTsrAbuZmdYtVi9k_PYYfoWCL0fSdogIjSGWcApsse1SkuyeF5erG5RsfHukps-Hs1tQH_QHNt8WvAzSd_-fBZ7nePAhoAx6Le1dGG2Bt4lPlQdnziGsNK8r69l3CVkWmMpXrKRw8BetKjCNxJp6BWrkYgk_aNdXeWaECyHRhz9E5wR71DMAhiMZn7m457UtQBrIsPtELAd34ioQQw57aF_pfN4ByU6rXhk0wUoNP3uRIGkWYD-h29WqzP5kR5o_JsUHQSi7Ne7geHvyXiNTJBQxSY_VMttLjBIgICrT4OlISyCwNYnvbMZUzVQ5m1ThvcC5G8eF48UIrepPu1lz4mgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3K-I8gnC4nlhQ0RUUUFC8dxv_unw%26client%3Dca-pub-1618592205083780%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jul 2023 22:42:01 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mc.yandex.ru

URL

https://mc.yandex.ru/metrika/watch.js

Domain

ads.betweendigital.com

URL

https://ads.betweendigital.com/adjson?t=adfox

Domain

ad.mail.ru

URL

https://ad.mail.ru/hbid_yandex/